| Knortzsch | 25.09.2014 11:15 |
So, wie versprochen der Check.
Die Daten im Anhang. Kannst du daraus etwas lesen was merkwürdig sein könnte?
FRST.txt
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2014
Ran by Knortzsch (administrator) on KNORTZSCH-PC on 25-09-2014 12:02:45
Running from G:\toolö
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeSvc2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Bitdefender) E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\updatesrv.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeTray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Gigabyte Technology CO.) C:\Program Files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
() C:\Program Files (x86)\SpyShelter Premium\SpyShelter.exe
(cFos Software GmbH) C:\Program Files\cFosSpeed\cfosspeed.exe
(Bitdefender) E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\bdagent.exe
(Electronic Arts) E:\Programme\Origin\Origin.exe
(Microsoft Corporation) C:\Users\Knortzsch\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Spotify Ltd) C:\Users\Knortzsch\AppData\Roaming\Spotify\spotify.exe
(Bitdefender) E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Dropbox, Inc.) C:\Users\Knortzsch\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Bitdefender) E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\antispam32\bdwtxapps.exe
() C:\Program Files (x86)\WebMoney Agent\wmagent.exe
() C:\Users\Knortzsch\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Knortzsch\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Knortzsch\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Knortzsch\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Knortzsch\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
() C:\Program Files (x86)\iSafe\ipcdl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [SpyShelter] => C:\Program Files (x86)\SpyShelter Premium\SpyShelter.exe [5083488 2014-02-13] ()
HKLM\...\Run: [cFosSpeed] => C:\Program Files\cFosSpeed\cFosSpeed.exe [1585040 2014-04-29] (cFos Software GmbH)
HKLM\...\Run: [Bdagent] => E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\bdagent.exe [1580360 2014-08-27] (Bitdefender)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [wmagent.exe] => C:\Program Files (x86)\WebMoney Agent\wmagent.exe [210400 2009-10-19] ()
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [2552320 2011-03-30] (Gigabyte Technology CO., LTD.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1562689554-4061845138-2751961312-1000\...\Run: [EADM] => E:\Programme\Origin\Origin.exe [3600216 2014-08-29] (Electronic Arts)
HKU\S-1-5-21-1562689554-4061845138-2751961312-1000\...\Run: [SkyDrive] => C:\Users\Knortzsch\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251040 2014-07-30] (Microsoft Corporation)
HKU\S-1-5-21-1562689554-4061845138-2751961312-1000\...\Run: [Spotify] => C:\Users\Knortzsch\AppData\Roaming\Spotify\Spotify.exe [6621752 2014-08-29] (Spotify Ltd)
HKU\S-1-5-21-1562689554-4061845138-2751961312-1000\...\Run: [Bitdefender-Geldbörse-Agent] => E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\bdwtxag.exe [815088 2014-08-27] (Bitdefender)
HKU\S-1-5-21-1562689554-4061845138-2751961312-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1562689554-4061845138-2751961312-1000\...\MountPoints2: {10850274-b291-11e3-bdf5-50e5493d8dc3} - H:\SETUP.EXE
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
Startup: C:\Users\Knortzsch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Knortzsch\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x93F4AB54B247CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @qq.com/npchrome -> C:\Program Files (x86)\Common Files\Tencent\Npchrome\npchrome.dll (Tencent)
FF Plugin-x32: @qq.com/npqscall -> C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll (Tencent)
FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.2.1\Bin\npSSOAxCtrlForPTLogin.dll (Tencent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @zoom.us/ZoomVideoPlugin -> C:\Users\Knortzsch\AppData\Roaming\Zoom\bin\npzoomplugin.dll (Zoom Video Communications, Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> E:\Programme\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\bdtbext [2014-08-26]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-24]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2014-08-26]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\bdtbext
Chrome:
=======
CHR HomePage: Default -> hxxp://www.steamprices.com/de
CHR StartupUrls: Default -> "about:blank"
CHR NewTab: Default -> "chrome-extension://dljbcjbfojhlfhgenhepllagfecdpchb/startpage/startpage.html"
CHR DefaultSearchKeyword: Default -> Google
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Knortzsch\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Knortzsch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-07-18]
CHR Extension: (Google Docs) - C:\Users\Knortzsch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-23]
CHR Extension: (Google Drive) - C:\Users\Knortzsch\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Knortzsch\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-26]
CHR Extension: (YouTube) - C:\Users\Knortzsch\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-23]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Knortzsch\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-26]
CHR Extension: (Google Search) - C:\Users\Knortzsch\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-23]
CHR Extension: (PasswordBox - Free Password Manager) - C:\Users\Knortzsch\AppData\Local\Google\Chrome\User Data\Default\Extensions\dljbcjbfojhlfhgenhepllagfecdpchb [2014-05-26]
CHR Extension: (ZenMate) - C:\Users\Knortzsch\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-08-26]
CHR Extension: (Google Wallet) - C:\Users\Knortzsch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-23]
CHR Extension: (Gmail) - C:\Users\Knortzsch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-23]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S4 BdDesktopParental; E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\bdparentalservice.exe [77632 2014-08-27] (Bitdefender)
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [507792 2014-04-29] (cFos Software GmbH)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 iSafeService; C:\Program Files (x86)\iSafe\iSafeSvc.exe [118048 2014-08-08] (Elex do Brasil Participações Ltda)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-07-05] ()
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
R2 UPDATESRV; E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-08-27] (Bitdefender)
R2 VSSERV; E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\vsserv.exe [1513952 2014-08-27] (Bitdefender)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 Abyssus; C:\Windows\System32\drivers\Abyssus.sys [10880 2009-10-30] (Razer (Asia-Pacific) Pte Ltd)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1260120 2014-08-27] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-08-27] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-11-13] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-23] (Disc Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-12-07] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R1 iSafeKrnl; C:\Program Files (x86)\iSafe\iSafeKrnl.sys [247488 2014-08-08] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [45248 2014-08-08] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\iSafe\iSafeKrnlKit.sys [78016 2014-08-08] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\iSafe\iSafeKrnlR3.sys [65216 2014-08-08] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Program Files (x86)\iSafe\iSafeNetFilter.sys [49320 2014-08-06] (Elex do Brasil Participações Ltda)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R1 Spyshelter; C:\Program Files (x86)\SpyShelter Premium\SpyShelter.sys [785248 2014-02-13] (SpyShelter)
R1 SpyshelterKb; C:\Program Files (x86)\SpyShelter Premium\SpyshelterKb.sys [237408 2013-12-23] (SpyShelter)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [419616 2014-08-27] (BitDefender S.R.L.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-25 12:02 - 2014-09-25 12:02 - 00000000 ____D () C:\FRST
2014-09-17 08:49 - 2014-09-17 08:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-17 08:49 - 2014-09-17 08:49 - 00000000 ____D () C:\Program Files (x86)\Skype
2014-09-10 16:39 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 16:39 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 16:39 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 16:39 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 16:39 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 16:39 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 16:39 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 16:39 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 16:39 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 16:39 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 16:39 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 16:39 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 16:39 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 16:39 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 16:39 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 16:39 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 16:39 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 16:39 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 16:39 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 16:39 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 16:39 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 16:39 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 16:39 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 16:39 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 16:39 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 16:39 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 16:39 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 16:39 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 16:39 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 16:39 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 16:39 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 16:39 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 16:39 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 16:39 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 16:39 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 16:39 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 16:39 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 16:39 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 16:39 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 16:39 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 16:39 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 16:39 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 16:39 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 16:39 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 16:39 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 16:39 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 16:39 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 16:39 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 16:39 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 16:39 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 16:39 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 16:39 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 16:39 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 16:39 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 16:39 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 16:39 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 16:30 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 16:30 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 16:27 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 16:27 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 16:27 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 16:27 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 16:27 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 16:27 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 16:27 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 16:27 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 16:27 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 12:13 - 2014-09-25 11:58 - 00000000 ____D () C:\Program Files (x86)\iSafe
2014-09-10 12:13 - 2014-09-10 19:42 - 00000000 ____D () C:\Users\Knortzsch\AppData\Roaming\iSafe
2014-09-10 12:13 - 2014-09-10 12:13 - 00000000 ____D () C:\Windows\system32\log
2014-09-10 12:13 - 2014-09-10 12:13 - 00000000 ____D () C:\Users\Knortzsch\AppData\Roaming\eCyber
2014-09-10 12:13 - 2014-09-10 12:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
2014-09-10 12:13 - 2014-08-08 08:24 - 00045248 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2014-09-01 15:43 - 2014-09-01 15:44 - 00000000 ___HD () C:\Users\Knortzsch\AppData\Roaming\hwbie
2014-08-29 00:33 - 2014-08-29 00:33 - 405026909 _____ () C:\Windows\MEMORY.DMP
2014-08-29 00:33 - 2014-08-29 00:33 - 00262144 _____ () C:\Windows\Minidump\082914-24819-01.dmp
2014-08-29 00:33 - 2014-08-29 00:33 - 00000000 ____D () C:\Windows\Minidump
2014-08-28 14:13 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 14:13 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 14:13 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 21:47 - 2014-08-27 21:47 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-08-27 21:43 - 2014-08-27 21:43 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-08-27 01:32 - 2014-08-27 01:32 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-27 01:32 - 2014-08-27 01:32 - 00000000 ____D () C:\Users\Knortzsch\AppData\Roaming\Oracle
2014-08-27 01:32 - 2014-08-27 01:31 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-27 01:32 - 2014-08-27 01:31 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-27 01:32 - 2014-08-27 01:31 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-27 01:31 - 2014-08-27 01:31 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-26 22:14 - 2014-08-26 22:14 - 00000000 ____D () C:\Users\Knortzsch\AppData\Temp
2014-08-26 22:10 - 2014-08-26 22:10 - 00793721 _____ () C:\ProgramData\1409082417.bdinstall.bin
2014-08-26 22:10 - 2014-08-26 22:10 - 00000684 ____H () C:\bdr-cf01
2014-08-26 22:10 - 2014-08-26 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2014-08-26 22:09 - 2014-08-27 21:47 - 01260120 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-08-26 22:09 - 2014-08-27 21:46 - 00647752 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-08-26 22:09 - 2013-11-13 16:41 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2014-08-26 22:09 - 2013-11-04 16:47 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2014-08-26 21:52 - 2014-08-26 22:15 - 00000000 ____D () C:\Users\Knortzsch\AppData\Roaming\Bitdefender
2014-08-26 21:52 - 2014-08-26 22:10 - 00009216 ____H () C:\bdr-ld01.mbr
2014-08-26 21:52 - 2013-08-13 13:38 - 03271472 ____H () C:\bdr-bz01
2014-08-26 21:51 - 2014-08-26 22:10 - 00253404 ____H () C:\bdr-ld01
2014-08-26 21:51 - 2013-09-24 16:38 - 46879860 ____H () C:\bdr-im01.gz
2014-08-26 21:47 - 2014-08-27 21:41 - 00419616 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-08-26 21:47 - 2013-08-23 13:48 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-08-26 21:45 - 2014-08-26 21:45 - 00250832 _____ () C:\ProgramData\1409082088.bdinstall.bin
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-25 12:02 - 2014-09-25 12:02 - 00000000 ____D () C:\FRST
2014-09-25 11:58 - 2014-09-10 12:13 - 00000000 ____D () C:\Program Files (x86)\iSafe
2014-09-25 11:29 - 2014-03-23 17:00 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-25 10:28 - 2014-03-23 16:59 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-25 09:34 - 2013-12-07 19:06 - 02095010 _____ () C:\Windows\WindowsUpdate.log
2014-09-25 09:33 - 2014-03-24 13:57 - 00000000 ____D () C:\Users\Knortzsch\AppData\Roaming\Spotify
2014-09-25 09:32 - 2009-07-14 06:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-25 09:32 - 2009-07-14 06:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-25 09:28 - 2014-03-24 01:58 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-25 09:27 - 2013-12-07 20:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-25 09:27 - 2013-12-07 20:18 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-09-25 09:27 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-25 09:27 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-25 09:27 - 2009-07-14 06:51 - 00066202 _____ () C:\Windows\setupact.log
2014-09-17 09:57 - 2014-03-23 15:54 - 00000000 ____D () C:\Users\Knortzsch\AppData\Roaming\Skype
2014-09-17 09:37 - 2014-03-24 02:50 - 00000000 ____D () C:\Users\Knortzsch\AppData\Roaming\WebMoney
2014-09-17 08:49 - 2014-09-17 08:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-17 08:49 - 2014-09-17 08:49 - 00000000 ____D () C:\Program Files (x86)\Skype
2014-09-17 08:49 - 2014-03-23 15:54 - 00000000 ____D () C:\ProgramData\Skype
2014-09-17 08:46 - 2014-03-24 13:58 - 00000000 ____D () C:\Users\Knortzsch\AppData\Local\Spotify
2014-09-17 08:46 - 2014-03-23 16:38 - 00000000 ____D () C:\Users\Knortzsch\AppData\Roaming\Dropbox
2014-09-17 01:47 - 2014-03-23 17:49 - 00000084 _____ () C:\Windows\winamp.ini
2014-09-17 00:02 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-09-16 10:38 - 2009-07-14 19:58 - 00702640 _____ () C:\Windows\system32\perfh007.dat
2014-09-16 10:38 - 2009-07-14 19:58 - 00150280 _____ () C:\Windows\system32\perfc007.dat
2014-09-16 10:38 - 2009-07-14 07:13 - 01628108 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-16 10:23 - 2014-03-24 01:56 - 00000000 ____D () C:\Users\Knortzsch\AppData\Roaming\SpyShelter
2014-09-15 10:06 - 2014-07-05 10:59 - 00000000 ____D () C:\ProgramData\Origin
2014-09-14 11:20 - 2014-03-24 13:11 - 00000000 ____D () C:\Users\Knortzsch\AppData\Local\CrashDumps
2014-09-11 16:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-10 19:42 - 2014-09-10 12:13 - 00000000 ____D () C:\Users\Knortzsch\AppData\Roaming\iSafe
2014-09-10 16:39 - 2014-03-23 17:38 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-10 16:37 - 2014-03-23 17:47 - 01601452 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-10 16:36 - 2014-03-24 03:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 16:30 - 2014-03-24 03:20 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 12:24 - 2014-03-23 18:18 - 00017664 _____ () C:\Windows\PFRO.log
2014-09-10 12:14 - 2014-03-24 13:10 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-09-10 12:13 - 2014-09-10 12:13 - 00000000 ____D () C:\Windows\system32\log
2014-09-10 12:13 - 2014-09-10 12:13 - 00000000 ____D () C:\Users\Knortzsch\AppData\Roaming\eCyber
2014-09-10 12:13 - 2014-09-10 12:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
2014-09-09 19:16 - 2014-03-27 00:42 - 00000000 ____D () C:\Users\Knortzsch\AppData\Roaming\vlc
2014-09-05 15:31 - 2014-04-04 11:03 - 00000000 ____D () C:\Users\Knortzsch\AppData\Local\JDownloader v2.0
2014-09-04 10:00 - 2014-03-24 02:07 - 00251716 _____ () C:\Windows\DirectX.log
2014-09-01 15:44 - 2014-09-01 15:43 - 00000000 ___HD () C:\Users\Knortzsch\AppData\Roaming\hwbie
2014-08-29 00:33 - 2014-08-29 00:33 - 405026909 _____ () C:\Windows\MEMORY.DMP
2014-08-29 00:33 - 2014-08-29 00:33 - 00262144 _____ () C:\Windows\Minidump\082914-24819-01.dmp
2014-08-29 00:33 - 2014-08-29 00:33 - 00000000 ____D () C:\Windows\Minidump
2014-08-29 00:33 - 2009-07-14 06:45 - 00409184 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 21:47 - 2014-08-27 21:47 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-08-27 21:47 - 2014-08-26 22:09 - 01260120 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-08-27 21:46 - 2014-08-26 22:09 - 00647752 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-08-27 21:43 - 2014-08-27 21:43 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-08-27 21:41 - 2014-08-26 21:47 - 00419616 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-08-27 09:25 - 2014-03-26 12:15 - 00000433 _____ () C:\Windows\system32\checkdnsid.xml
2014-08-27 01:32 - 2014-08-27 01:32 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-27 01:32 - 2014-08-27 01:32 - 00000000 ____D () C:\Users\Knortzsch\AppData\Roaming\Oracle
2014-08-27 01:32 - 2014-03-23 19:28 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-27 01:31 - 2014-08-27 01:32 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-27 01:31 - 2014-08-27 01:32 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-27 01:31 - 2014-08-27 01:32 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-27 01:31 - 2014-08-27 01:31 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-26 22:18 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-08-26 22:17 - 2014-06-11 21:30 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-26 22:15 - 2014-08-26 21:52 - 00000000 ____D () C:\Users\Knortzsch\AppData\Roaming\Bitdefender
2014-08-26 22:15 - 2014-03-23 15:59 - 00000000 ____D () C:\ProgramData\BDLogging
2014-08-26 22:14 - 2014-08-26 22:14 - 00000000 ____D () C:\Users\Knortzsch\AppData\Temp
2014-08-26 22:10 - 2014-08-26 22:10 - 00793721 _____ () C:\ProgramData\1409082417.bdinstall.bin
2014-08-26 22:10 - 2014-08-26 22:10 - 00000684 ____H () C:\bdr-cf01
2014-08-26 22:10 - 2014-08-26 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2014-08-26 22:10 - 2014-08-26 21:52 - 00009216 ____H () C:\bdr-ld01.mbr
2014-08-26 22:10 - 2014-08-26 21:51 - 00253404 ____H () C:\bdr-ld01
2014-08-26 22:10 - 2014-03-23 15:48 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-08-26 21:47 - 2014-03-23 15:48 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-08-26 21:46 - 2014-03-23 15:48 - 00000000 ____D () C:\Program Files\Bitdefender
2014-08-26 21:45 - 2014-08-26 21:45 - 00250832 _____ () C:\ProgramData\1409082088.bdinstall.bin
Some content of TEMP:
====================
C:\Users\Knortzsch\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgwe5oe.dll
C:\Users\Knortzsch\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Knortzsch\AppData\Local\Temp\proxy_vole3107232840635925002.dll
C:\Users\Knortzsch\AppData\Local\Temp\word.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-16 16:05
==================== End Of Log ============================
--- --- ---
Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-09-2014
Ran by Knortzsch at 2014-09-25 12:03:13
Running from G:\toolö
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus (Enabled - Out of date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Out of date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.11 - GIGABYTE)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B10.1021.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)
Battlefield™ Hardline Beta (HKLM-x32\...\{599276A7-F45D-40B1-A0B6-CF132A1CAD49}) (Version: 1.0.0.5 - Electronic Arts)
Bitdefender Internet Security 2015 (HKLM\...\Bitdefender) (Version: 18.11.0.872 - Bitdefender)
Brother HL-5240 (HKLM-x32\...\{988DD770-0065-40AA-86DF-C5EC3D99E429}) (Version: 1.00 - Brother)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
cFosSpeed v9.60 (HKLM\...\cFosSpeed) (Version: 9.60 - cFos Software GmbH, Bonn)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{42CBCE27-DE9B-4094-B9EB-D4C4C135FFA8}) (Version: - Microsoft)
DirPrinter - Deinstallation (HKLM-x32\...\DirPrinter_is1) (Version: 8.70 - Mathias Gerlach [aborange.de])
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
Easy Tune 6 B11.0512.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0512.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.115 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.115 - Etron Technology) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPL Ghostscript 8.71 (HKLM-x32\...\GPL Ghostscript 8.71) (Version: - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2361 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.4.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QQ International (HKLM-x32\...\{3CA54984-A14B-42FE-9FF1-7EA90151D725}) (Version: 1.91.1369.0 - Tencent Technology(Shenzhen) Company Limited)
Razer Abyssus (HKLM-x32\...\{CBD6B23A-B54F-476A-9527-C262F469CACF}) (Version: 2.00 - Razer USA Ltd.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.006 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6307 - Realtek Semiconductor Corp.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Smart 6 B11.0512.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
SpyShelter Premium 9.0 (HKLM\...\SpyShelter_is1) (Version: 9.0 - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27339 - TeamViewer)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.6.3 - Electronic Arts)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{AC36E3B7-5095-43B9-9A74-928420F88714}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{B114A387-8A14-4C43-AE51-82F17EB81D49}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{52BEF8AE-9324-40A1-9A92-E5A8FB63A475}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 64-Bit Edition (HKLM\...\{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{B2508D75-61CF-4CC0-84C0-CF257219201D}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8F699D53-05FB-488E-B7D3-E4E47257BE5D}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{FD360122-6829-4497-97C1-1BF578EF695B}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
WebMoney Agent (HKLM-x32\...\WebMoney Agent) (Version: 3.5 - Softomate)
WebMoney Keeper Classic 3.9.9.1 (HKLM-x32\...\{6D9A7CEE-054A-437D-99EF-DD7C77E001FD}) (Version: 3.9.9.1 - WM Transfer Ltd.)
Yet Another Cleaner! (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATTENTION
Zoom (HKCU\...\ZoomUMX) (Version: 2.5 - Zoom Video Communications, Inc.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1562689554-4061845138-2751961312-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Knortzsch\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1562689554-4061845138-2751961312-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Knortzsch\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1562689554-4061845138-2751961312-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Knortzsch\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1562689554-4061845138-2751961312-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Knortzsch\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1562689554-4061845138-2751961312-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Knortzsch\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1562689554-4061845138-2751961312-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Knortzsch\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1562689554-4061845138-2751961312-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Knortzsch\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1562689554-4061845138-2751961312-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Knortzsch\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1562689554-4061845138-2751961312-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Knortzsch\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1562689554-4061845138-2751961312-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Knortzsch\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1562689554-4061845138-2751961312-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Knortzsch\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1562689554-4061845138-2751961312-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Knortzsch\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1562689554-4061845138-2751961312-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Knortzsch\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1562689554-4061845138-2751961312-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Knortzsch\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
26-08-2014 23:31:43 Installed Java 7 Update 67
28-08-2014 14:29:05 Windows Update
04-09-2014 07:59:58 DirectX wurde installiert
10-09-2014 14:25:48 Windows Update
10-09-2014 14:30:29 Windows Update
25-09-2014 08:17:44 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {3144CD1B-D3D1-414B-877C-D3E3520232DC} - System32\Tasks\CCleanerSkipUAC => E:\Programme\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {651CED0B-B339-4C84-BFE0-A70CD43A4363} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-23] (Google Inc.)
Task: {7A6D96F7-F14B-439B-84D9-B789513CCB59} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-23] (Google Inc.)
Task: {C1628F93-046C-4EC1-99F7-1FFA27E2EC3D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-08-26 22:09 - 2014-08-27 21:41 - 00265080 _____ () E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\txmlutil.dll
2014-08-26 22:09 - 2014-06-30 13:26 - 00003072 _____ () E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\UI\accessl.ui
2014-08-26 22:09 - 2012-10-29 15:22 - 00152816 _____ () E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\bdfwcore.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-08-26 22:15 - 2014-08-26 22:15 - 00780592 _____ () E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\otengines_00047_002\ashttpbr.mdl
2014-08-26 22:15 - 2014-08-26 22:15 - 00568400 _____ () E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\otengines_00047_002\ashttpdsp.mdl
2014-08-26 22:15 - 2014-08-26 22:15 - 02602680 _____ () E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\otengines_00047_002\ashttpph.mdl
2014-08-26 22:15 - 2014-08-26 22:15 - 01323408 _____ () E:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\otengines_00047_002\ashttprbl.mdl
2013-12-07 20:26 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-08 13:11 - 2013-05-22 20:03 - 00042296 _____ () C:\Windows\system32\SpyShelterShellExt.dll
2013-12-07 20:16 - 2013-12-07 20:16 - 00008704 _____ () C:\Windows\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll
2014-06-11 21:38 - 2014-07-05 09:48 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-08 13:11 - 2014-02-13 12:13 - 05083488 _____ () C:\Program Files (x86)\SpyShelter Premium\SpyShelter.exe
2009-10-19 13:47 - 2009-10-19 13:47 - 00210400 _____ () C:\Program Files (x86)\WebMoney Agent\wmagent.exe
2014-03-24 13:58 - 2014-08-29 00:34 - 00610872 _____ () C:\Users\Knortzsch\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-09-10 12:13 - 2014-08-08 08:17 - 02228896 _____ () C:\Program Files (x86)\iSafe\ipcdl.exe
2014-09-10 12:13 - 2014-08-08 08:17 - 00065696 _____ () C:\Program Files (x86)\iSafe\zlib1.dll
2014-09-10 12:13 - 2014-08-08 08:17 - 00092320 _____ () C:\Program Files (x86)\iSafe\curlpp.dll
2014-09-10 12:13 - 2014-08-08 08:17 - 00427168 _____ () C:\Program Files (x86)\iSafe\ipcproxy.dll
2014-09-10 12:13 - 2014-07-09 14:48 - 00176976 _____ () C:\Program Files (x86)\iSafe\tws\unrar.dll
2014-09-10 12:13 - 2014-07-09 14:48 - 00068432 _____ () C:\Program Files (x86)\iSafe\tws\zlib1.dll
2014-09-10 12:13 - 2014-07-09 14:48 - 00087744 _____ () C:\Program Files (x86)\iSafe\tws\unacev2.dll
2014-09-10 12:13 - 2014-08-08 08:17 - 00185640 _____ () C:\Program Files (x86)\iSafe\libpng.dll
2014-04-08 13:11 - 2014-02-13 12:14 - 00345952 _____ () C:\Program Files (x86)\SpyShelter Premium\klhelper.dll
2014-03-23 20:01 - 2014-08-29 23:14 - 00962560 _____ () E:\Programme\Origin\platforms\qwindows.dll
2014-03-23 20:01 - 2014-08-29 23:14 - 00024064 _____ () E:\Programme\Origin\imageformats\qgif.dll
2014-03-23 20:01 - 2014-08-29 23:14 - 00025088 _____ () E:\Programme\Origin\imageformats\qico.dll
2014-03-23 20:01 - 2014-08-29 23:14 - 00217088 _____ () E:\Programme\Origin\imageformats\qjpeg.dll
2014-03-23 20:01 - 2014-08-29 23:14 - 00261632 _____ () E:\Programme\Origin\imageformats\qmng.dll
2014-03-23 20:01 - 2014-08-29 23:14 - 00019968 _____ () E:\Programme\Origin\imageformats\qtga.dll
2014-03-23 20:01 - 2014-08-29 23:14 - 00302592 _____ () E:\Programme\Origin\imageformats\qtiff.dll
2014-03-23 20:01 - 2014-08-29 23:14 - 00018944 _____ () E:\Programme\Origin\imageformats\qwbmp.dll
2014-03-24 13:58 - 2014-08-29 00:34 - 36966968 _____ () C:\Users\Knortzsch\AppData\Roaming\Spotify\Data\libcef.dll
2014-09-25 09:28 - 2014-09-25 09:28 - 00043008 _____ () c:\Users\Knortzsch\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgwe5oe.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Knortzsch\AppData\Roaming\Dropbox\bin\libcef.dll
2014-07-18 11:03 - 2014-08-29 00:34 - 00867896 _____ () C:\Users\Knortzsch\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-03-24 13:58 - 2014-08-29 00:34 - 00886840 _____ () C:\Users\Knortzsch\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-03-24 13:58 - 2014-08-29 00:34 - 00108600 _____ () C:\Users\Knortzsch\AppData\Roaming\Spotify\Data\libegl.dll
2013-12-07 20:06 - 2013-09-16 13:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:41ADDB8A
AlternateDataStreams: C:\ProgramData\TEMP:905844AA
AlternateDataStreams: C:\ProgramData\TEMP:A064CECC
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Abyssus => E:\Programme\Razer\razerhid.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== Faulty Device Manager Devices =============
Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/14/2014 11:20:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 6.18.0.106, Zeitstempel: 0x53d13f6d
Name des fehlerhaften Moduls: ieframe.dll, Version: 11.0.9600.17280, Zeitstempel: 0x53f26cda
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00064778
ID des fehlerhaften Prozesses: 0xd40
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3
Error: (09/13/2014 11:59:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 6.18.0.106, Zeitstempel: 0x53d13f6d
Name des fehlerhaften Moduls: ieframe.dll, Version: 11.0.9600.17280, Zeitstempel: 0x53f26cda
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00064778
ID des fehlerhaften Prozesses: 0x1534
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3
Error: (08/31/2014 11:34:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm thunderbird.exe, Version 24.4.0.5188 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1104
Startzeit: 01cfc5463ae3a3e8
Endzeit: 10
Anwendungspfad: E:\Programme\Thunderbird\thunderbird.exe
Berichts-ID: 9f5a81ce-3156-11e4-82b6-50e5493d8dc3
Error: (08/27/2014 09:10:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_stisvc, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0xb60
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_stisvc0
Pfad der fehlerhaften Anwendung: svchost.exe_stisvc1
Pfad des fehlerhaften Moduls: svchost.exe_stisvc2
Berichtskennung: svchost.exe_stisvc3
Error: (08/26/2014 02:46:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WebMoney.exe, Version: 3.9.9.0, Zeitstempel: 0x50001cab
Name des fehlerhaften Moduls: WMClient.dll, Version: 3.9.9.1, Zeitstempel: 0x51a8d9f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00269423
ID des fehlerhaften Prozesses: 0x1490
Startzeit der fehlerhaften Anwendung: 0xWebMoney.exe0
Pfad der fehlerhaften Anwendung: WebMoney.exe1
Pfad des fehlerhaften Moduls: WebMoney.exe2
Berichtskennung: WebMoney.exe3
Error: (08/20/2014 06:10:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WFS.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b33e
Name des fehlerhaften Moduls: WFS.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b33e
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00000000000386f8
ID des fehlerhaften Prozesses: 0x115c
Startzeit der fehlerhaften Anwendung: 0xWFS.exe0
Pfad der fehlerhaften Anwendung: WFS.exe1
Pfad des fehlerhaften Moduls: WFS.exe2
Berichtskennung: WFS.exe3
Error: (08/20/2014 06:10:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WFS.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b33e
Name des fehlerhaften Moduls: WFS.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b33e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000386f8
ID des fehlerhaften Prozesses: 0x115c
Startzeit der fehlerhaften Anwendung: 0xWFS.exe0
Pfad der fehlerhaften Anwendung: WFS.exe1
Pfad des fehlerhaften Moduls: WFS.exe2
Berichtskennung: WFS.exe3
Error: (08/15/2014 09:56:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WebMoney.exe, Version: 3.9.9.0, Zeitstempel: 0x50001cab
Name des fehlerhaften Moduls: WMClient.dll, Version: 3.9.9.1, Zeitstempel: 0x51a8d9f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00084e0f
ID des fehlerhaften Prozesses: 0x199c
Startzeit der fehlerhaften Anwendung: 0xWebMoney.exe0
Pfad der fehlerhaften Anwendung: WebMoney.exe1
Pfad des fehlerhaften Moduls: WebMoney.exe2
Berichtskennung: WebMoney.exe3
Error: (08/15/2014 09:25:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WebMoney.exe, Version: 3.9.9.0, Zeitstempel: 0x50001cab
Name des fehlerhaften Moduls: WMClient.dll, Version: 3.9.9.1, Zeitstempel: 0x51a8d9f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00084e0f
ID des fehlerhaften Prozesses: 0x1518
Startzeit der fehlerhaften Anwendung: 0xWebMoney.exe0
Pfad der fehlerhaften Anwendung: WebMoney.exe1
Pfad des fehlerhaften Moduls: WebMoney.exe2
Berichtskennung: WebMoney.exe3
Error: (08/07/2014 03:08:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 6.18.0.106, Zeitstempel: 0x53d13f6d
Name des fehlerhaften Moduls: Skype.exe, Version: 6.18.0.106, Zeitstempel: 0x53d13f6d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00231044
ID des fehlerhaften Prozesses: 0x24dc
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3
System errors:
=============
Error: (09/25/2014 00:02:16 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (09/25/2014 00:02:15 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (09/25/2014 00:02:15 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (09/25/2014 00:02:14 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (09/25/2014 00:02:14 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (09/16/2014 10:23:58 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {4991D34B-80A1-4291-83B6-3328366B9097}
Error: (09/16/2014 10:23:28 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Intelligenter Hintergrundübertragungsdienst" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147467243.
Error: (09/16/2014 10:23:28 AM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten des BITS-Dienstes. Fehler: 2147500053.
Error: (09/14/2014 10:31:50 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {4991D34B-80A1-4291-83B6-3328366B9097}
Error: (09/14/2014 10:31:21 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Intelligenter Hintergrundübertragungsdienst" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147467243.
Microsoft Office Sessions:
=========================
Error: (09/14/2014 11:20:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Skype.exe6.18.0.10653d13f6dieframe.dll11.0.9600.1728053f26cdac000000500064778d4001cfcffd09cc0fe1E:\Programme\Skype\Phone\Skype.exeC:\Windows\SysWOW64\ieframe.dll4e673636-3bf0-11e4-8747-50e5493d8dc3
Error: (09/13/2014 11:59:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Skype.exe6.18.0.10653d13f6dieframe.dll11.0.9600.1728053f26cdac000000500064778153401cfcf9dfcf79918E:\Programme\Skype\Phone\Skype.exeC:\Windows\SysWOW64\ieframe.dll415392a0-3b91-11e4-aace-50e5493d8dc3
Error: (08/31/2014 11:34:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: thunderbird.exe24.4.0.5188110401cfc5463ae3a3e810E:\Programme\Thunderbird\thunderbird.exe9f5a81ce-3156-11e4-82b6-50e5493d8dc3
Error: (08/27/2014 09:10:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_stisvc6.1.7600.163854a5bc3c1unknown0.0.0.000000000c00000050000000000000000b6001cfc1c60acdb4fcC:\Windows\system32\svchost.exeunknown4ac170ff-2db9-11e4-a4c9-50e5493d8dc3
Error: (08/26/2014 02:46:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WebMoney.exe3.9.9.050001cabWMClient.dll3.9.9.151a8d9f1c000000500269423149001cfc12bbb90d36cE:\Programme\Webmoney\WebMoney.exeE:\Programme\Webmoney\WMClient.dll089d5aa6-2d1f-11e4-86c1-50e5493d8dc3
Error: (08/20/2014 06:10:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WFS.exe6.1.7601.175144ce7b33eWFS.exe6.1.7601.175144ce7b33ec000041d00000000000386f8115c01cfbc9142ef0ebcC:\Windows\System32\WFS.exeC:\Windows\System32\WFS.exe87ddfb9b-2884-11e4-a4da-50e5493d8dc3
Error: (08/20/2014 06:10:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WFS.exe6.1.7601.175144ce7b33eWFS.exe6.1.7601.175144ce7b33ec000000500000000000386f8115c01cfbc9142ef0ebcC:\Windows\System32\WFS.exeC:\Windows\System32\WFS.exe86e95ed6-2884-11e4-a4da-50e5493d8dc3
Error: (08/15/2014 09:56:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WebMoney.exe3.9.9.050001cabWMClient.dll3.9.9.151a8d9f1c000000500084e0f199c01cfb8beb32c25bfE:\Programme\Webmoney\WebMoney.exeE:\Programme\Webmoney\WMClient.dll49d557b0-24b6-11e4-86c3-50e5493d8dc3
Error: (08/15/2014 09:25:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WebMoney.exe3.9.9.050001cabWMClient.dll3.9.9.151a8d9f1c000000500084e0f151801cfb8be8ecf72d2E:\Programme\Webmoney\WebMoney.exeE:\Programme\Webmoney\WMClient.dlledfcbec0-24b1-11e4-86c3-50e5493d8dc3
Error: (08/07/2014 03:08:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Skype.exe6.18.0.10653d13f6dSkype.exe6.18.0.10653d13f6dc00000050023104424dc01cfb240b4a5f893E:\Programme\Skype\Phone\Skype.exeE:\Programme\Skype\Phone\Skype.exef7474350-1e33-11e4-9670-50e5493d8dc3
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 28%
Total physical RAM: 8109.12 MB
Available physical RAM: 5792.69 MB
Total Pagefile: 16216.41 MB
Available Pagefile: 13750.8 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.79 GB) (Free:176.32 GB) NTFS
Drive e: (Programme) (Fixed) (Total:488.28 GB) (Free:228.29 GB) NTFS
Drive f: (Daten) (Fixed) (Total:443.23 GB) (Free:237.28 GB) NTFS
Drive g: () (Removable) (Total:14.93 GB) (Free:11.7 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: C4590A7D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BAA88452)
Partition 1: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=443.2 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 14.9 GB) (Disk ID: BDF71766)
Partition 1: (Active) - (Size=14.9 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
WARNUNG an die MITLESER: 
