| baeuerlein | 21.05.2015 13:16 |
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05-2015
Ran by Michael at 2015-05-21 08:07:43
Running from C:\Users\Michael\Desktop\Trojan Tools
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3665776361-1376430445-3332247537-500 - Administrator - Disabled)
Antonia (S-1-5-21-3665776361-1376430445-3332247537-1005 - Limited - Enabled) => C:\Users\Antonia
BENJAMIN (S-1-5-21-3665776361-1376430445-3332247537-1009 - Limited - Enabled) => C:\Users\BENJAMIN.ABKM-2012
Gast (S-1-5-21-3665776361-1376430445-3332247537-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3665776361-1376430445-3332247537-1002 - Limited - Enabled)
Kerstin(1) (S-1-5-21-3665776361-1376430445-3332247537-1008 - Limited - Enabled) => C:\Users\Kerstin(1)
Michael (S-1-5-21-3665776361-1376430445-3332247537-1000 - Administrator - Enabled) => C:\Users\Michael
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2weistein (HKLM-x32\...\{307702F6-FD2C-484A-8F2E-A1DCE85FD9CC}_is1) (Version: - Brainmonster Studios)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3505 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0609.2011 - Acer Incorporated)
Acronis*True*Image*Home 2012 (HKLM-x32\...\{243EF3E5-537D-4A15-8EE8-47D5473D9C73}Visible) (Version: 15.0.7133 - Acronis)
Acronis*True*Image*Home 2012 (x32 Version: 15.0.7133 - Acronis) Hidden
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements (HKLM-x32\...\Adobe Photoshop Elements 1.0) (Version: 1.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe SVG Viewer (HKLM-x32\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Amazon Music (HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI AVIVO64 Codecs (Version: 11.6.0.10405 - ATI Technologies Inc.) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
AVM FRITZ!Box AddOn (IE) (HKLM-x32\...\{CEAD06D8-D033-4D2A-9328-AF49089E129F}) (Version: 1.7.0 - AVM Berlin)
AVM FRITZ!Box AddOn (IE) (x64) (HKLM\...\{EC3671D7-98AC-4951-8FFD-5556BE066137}) (Version: 1.7.0 - AVM Berlin)
AVM FRITZ!Box-Kindersicherung (HKLM-x32\...\{7497BB4F-CE23-47D4-B2CB-62548080F74F}) (Version: 4.2.3 - AVM Berlin)
AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version: - AVM Berlin)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research in Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research in Motion Ltd.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
clear.fi (x32 Version: 1.5.3201_45059 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.9024 - CyberLink Corp.) Hidden
clear.fi (HKLM-x32\...\InstallShield_{37126D87-E4FD-4614-B908-A0BB7ECE3992}) (Version: 1.5.3318.35 - CyberLink Corp.)
clear.fi (x32 Version: 1.5.3318.35 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.05.3002 - Acer Incorporated)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Control ActiveX del Windows Live Mesh per a connexions remotes (HKLM-x32\...\{76C064E2-BB99-4453-8FDA-42BC01AD0734}) (Version: 15.4.5722.2 - Microsoft Corporation)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Applications (HKLM-x32\...\Corel Applications) (Version: - )
Corel PaintShop Pro X4 (HKLM-x32\...\_{00580795-581C-4587-B9F2-37320D7AB37F}) (Version: 14.0.0.345 - Corel Corporation)
Corel PaintShop Pro X4 (x32 Version: 14.1.0.5 - Corel Corporation) Hidden
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Jagd nach dem blauen Kristall (HKLM-x32\...\Die Jagd nach dem blauen Kristall) (Version: - )
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
Dropbox (HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
Elevated Installer (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Etron USB3.0 Host Controller (x32 Version: 0.106 - Etron Technology) Hidden
Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fooz Kids (HKLM-x32\...\FoozKids) (Version: 3.0.8 - FUHU, Inc.)
Fooz Kids (x32 Version: 3.0.8 - FUHU, Inc.) Hidden
Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free Audio CD Burner version 2.0.24.827 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: 2.0.24.827 - DVDVideoSoft Ltd.)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free Audio Converter version 5.0.27.725 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.27.725 - DVDVideoSoft Ltd.)
Free Disc Burner version 3.0.18.1212 (HKLM-x32\...\Free Disc Burner_is1) (Version: 3.0.18.1212 - DVDVideoSoft Ltd.)
Free DVD Video Converter version 2.0.15.1125 (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.15.1125 - DVDVideoSoft Ltd.)
Free MP4 Video Converter version 5.0.46.820 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.46.820 - DVDVideoSoft Ltd.)
Free Studio version 6.5.0.324 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.0.324 - DVDVideoSoft Ltd.)
Free Video Call Recorder for Skype version 1.2.8.1230 (HKLM-x32\...\Free Video Call Recorder for Skype_is1) (Version: 1.2.8.1230 - DVDVideoSoft Ltd.)
Free Video Dub version 2.0.21.827 (HKLM-x32\...\Free Video Dub_is1) (Version: 2.0.21.827 - DVDVideoSoft Ltd.)
Free Video Flip and Rotate version 2.1.9.822 (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 2.1.9.822 - DVDVideoSoft Ltd.)
Free Video to Android Converter version 5.0.32.1230 (HKLM-x32\...\Free Video to Android Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free Video to DVD Converter version 5.0.45.716 (HKLM-x32\...\Free Video to DVD Converter_is1) (Version: 5.0.45.716 - DVDVideoSoft Ltd.)
Free Video to iPod Converter version 5.0.27.725 (HKLM-x32\...\Free Video to iPod Converter_is1) (Version: 5.0.27.725 - DVDVideoSoft Ltd.)
Free Video to Samsung Phones Converter version 5.0.32.1230 (HKLM-x32\...\Free Video to Samsung Phones Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to DVD Converter version 3.1.13.925 (HKLM-x32\...\Free YouTube to DVD Converter_is1) (Version: 3.1.13.925 - DVDVideoSoft Ltd.)
Free YouTube to iPhone Converter version 2.12.20.1230 (HKLM-x32\...\Free YouTube to iPhone Converter_is1) (Version: 2.12.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to iPod Converter version 3.11.12.827 (HKLM-x32\...\Free YouTube to iPod Converter_is1) (Version: 3.11.12.827 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.50.1111 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1111 - DVDVideoSoft Ltd.)
FRITZ!DSL64 (HKLM\...\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}) (Version: 2.04.03 - AVM Berlin)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin City Navigator Europe NT 2013.10 Update (HKLM-x32\...\{EC28FA6E-E38D-4F72-80EF-1FBE66B05668}) (Version: 16.10.0.0 - Garmin Ltd or its subsidiaries)
Garmin City Navigator Europe NT 2014.30 Update (HKLM-x32\...\{F956C0BB-D2FA-4BA5-80D7-AC08E7CD611B}) (Version: 17.30.0.0 - Garmin Ltd or its subsidiaries)
Garmin City Navigator Europe NT 2015.40 (HKLM-x32\...\{04B2E836-EF35-438B-89B8-59F484090283}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{50755d67-ae60-4e47-b3d6-ce44d01b5a95}) (Version: 4.0.15.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Drive (HKLM-x32\...\{35574F09-89F9-4B16-B69B-64F3E25901B8}) (Version: 1.21.9226.6034 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Gpg4win (2.1.1) (HKLM-x32\...\GPG4Win) (Version: 2.1.1 - The Gpg4win Project)
Horse Life (HKLM-x32\...\Horse Life_is1) (Version: - )
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3505 - Acer Incorporated)
HP Officejet Pro 8500 A910 - Grundlegende Software für das Gerät (HKLM\...\{0A8BEF69-0DD7-4A8F-9AED-0CB91BEBCB58}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8500 A910 Hilfe (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Product Detection (HKLM-x32\...\{42D10994-A566-495D-A5E7-D0C6B5C6B35C}) (Version: 11.14.0006 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
ICA (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
IPM_PSP_COM (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.3.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.3.0 - )
Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
LEGO® Batman™ 2: DC Super Heroes (HKLM-x32\...\{4E2EA555-3DAE-4BE1-96BF-6A632ACFE8DE}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
LEGO® Star Wars™: Die Komplette Saga (HKLM-x32\...\InstallShield_{D596980D-17BE-4425-B8F0-5640719AADE9}) (Version: 1.00.0000 - LucasArts)
LEGO® Star Wars™: The Complete Saga (x32 Version: 1.00.0000 - LucasArts) Hidden
Marketsplash Schnellzugriffe (HKLM-x32\...\{7A108EBC-C9DF-4E14-93A8-42CF316F1ECF}) (Version: 1.0.1.7 - Hewlett-Packard)
Matrix Code Emulator 1.50 (HKLM-x32\...\Matrix Code Emulator_is1) (Version: - Reality Rift Studios)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4517.1509 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WorldWide Telescope (HKLM-x32\...\{02E7492D-C46F-4A34-A197-D1C3F19A1F4A}) (Version: 5.0.3 - Microsoft Research)
Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\MyFreeCodec) (Version: - )
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.25 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.25 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.15 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.15 - Egis Technology Inc.) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.4.10500.1.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10800.6.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.6.10500.3.100 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4517.1509 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4517.1509 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4517.1509 - Microsoft Corporation) Hidden
OTR Homeloader 1.5.8.146 (HKLM-x32\...\OTR Homeloader) (Version: 1.5.8.146 - © onlinetvrecorder.com)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Pearl Harbor: Fire on the Water (x32 Version: 2.2.0.110 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Pflanzen gegen Zombies (HKLM-x32\...\Pflanzen gegen Zombies) (Version: - PopCap Games)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PonyGirl2 (HKLM-x32\...\PonyGirl2) (Version: - )
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.10 - ProtectDisc Software GmbH)
PSPPContent (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
PSPPHelp (x32 Version: 14.0.0.345 - Corel Corporation) Hidden
PSPPro64 (Version: 14.0.0.345 - Corel Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6242 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.1.1.11124_17 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.1.1.11124_17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Setup (x32 Version: 14.0.0.345 - Ihr Firmenname) Hidden
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Snapfish Fotobuch (HKLM-x32\...\Snapfish Fotobuch) (Version: 4.8.7 - CEWE COLOR AG u Co. OHG)
Space Fighters 3D (HKLM-x32\...\SpaceFighters3D) (Version: 1.0D - Anders und Seim Neue Medien AG)
SPEEDLINK Strike 2 Gamepad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
Sweet Home 3D version 4.6 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks)
TKKG10 (HKLM-x32\...\TKKG10) (Version: - )
TKKG16 (HKLM-x32\...\TKKG16) (Version: Das unheimliche Zimmer" - Tivola Development GmbH)
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Urruneko konexioetarako Windows Live Mesh ActiveX kontrola (HKLM-x32\...\{7BA6DF02-B094-45D7-A3C9-BE3684253922}) (Version: 15.4.5722.2 - Microsoft Corporation)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
WildTangent Games App (x32 Version: 4.0.10.2 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Wireshark 1.12.4 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.4 - The Wireshark developer community, hxxp://www.wireshark.org)
WISO Mein Geld 2014 Standard (HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\WISO Mein Geld 2014 Standard) (Version: - Buhl Data Service GmbH)
WISO Mein Geld 2014 Standard (x32 Version: 16.0.1.0 - Buhl Data Service GmbH) Hidden
WISO Steuer-Sparbuch 2012 (HKLM-x32\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.03.7334 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{1A51972F-7455-4EF7-9B62-FAF851E0BE13}) (Version: 21.00.8480 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2015 (HKLM-x32\...\{D31520BA-35B4-41A9-A176-6A69F6BDB046}) (Version: 22.02.8861 - Buhl Data Service GmbH)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย) (HKLM-x32\...\{A2EDAEEB-C981-46D5-8163-CF8F5F640EEE}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2015-05-14 10:25 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {06BD7732-AC4C-4D89-885B-23BA3DE7A669} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0FE833D6-1CC1-4D33-AD84-2DA4D5B307D0} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
Task: {13EDDADF-414A-4208-8B6A-08C5B5F9D110} - System32\Tasks\{AFE53008-C007-408D-AC1A-522FF6694D9D} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{D596980D-17BE-4425-B8F0-5640719AADE9}\setup.exe" -c -runfromtemp -l0x0407
Task: {15080E1E-897B-4116-AC0B-A04DB15A74F3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {201022E4-9FC8-42D8-856E-97E0A2D248B6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-08-13] (Microsoft Corporation)
Task: {2BDB76D0-55AF-4A26-BD8B-612E7E9CE036} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {2F8C7232-6B89-4A83-A839-009522724610} - System32\Tasks\{BCA64A62-A2F0-4023-9FE4-D9BF2DD0AAB7} => pcalua.exe -a "C:\Users\Michael\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2238UOIF\avm_fritz!wlan_usb_stick_x64_build_100906.exe" -d C:\Users\Michael\Desktop
Task: {38C5C3F5-7303-41FE-AA18-D55BF2CFDBF4} - System32\Tasks\hpUtility.exe_{9189978C-8FF7-42B9-8AE7-F38CEBEA73B8} => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\utils\hpUtility.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {415E614A-8D00-4D17-B889-DB9A42C89CC3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-02] (Adobe Systems Incorporated)
Task: {49735EFF-FBBD-4D0C-A45D-58A85253DDB6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-08-13] (Microsoft Corporation)
Task: {5C5FE30A-AAA1-4C2E-AD79-30544C05DA33} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {6453F120-7242-41F6-A713-3EB92534A46C} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-10-12] (CyberLink)
Task: {6E263B84-6926-4989-BDD9-4979DC4D5614} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {7F8039A3-75EC-4376-8A96-CB13A28A4989} - System32\Tasks\{77A7DFBC-3C5C-48ED-A38F-6DEC9589FD7E} => pcalua.exe -a E:\Driver\setup.exe -d E:\Driver
Task: {85E724A5-C5C5-435F-9201-631A24F3514B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-06-09] (Microsoft Corporation)
Task: {AA4AA929-BC40-4A19-BB5F-40006A45D073} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2012-09-18] (Acer Incorporated)
Task: {B2AF022D-4264-4CA8-A432-4D08941B54DD} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {B39F4286-CB41-4E8B-A96C-9ECCDF09CFFF} - System32\Tasks\{21BF5564-D73B-44F0-B06A-09046295D728} => pcalua.exe -a E:\setup.exe -d E:\
Task: {B7B67FE5-1CFE-41C2-8E99-8764874A0FAE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {E3CC3F58-509D-42BD-AD54-2D2F937A5B0E} - System32\Tasks\Microsoft_Hardware_Launch_vVX6000_exe => C:\Windows\vVX6000.exe [2010-05-20] (Microsoft Corporation
)
Task: {ECC392DF-FFA3-4336-B2D6-8D41460E2B8B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {F0DE2495-7482-4D61-971A-AA04E7CFBF8E} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2012-09-18] (CyberLink Corp.)
Task: C:\Windows\Tasks\Adobe Acrobat Update Task.job => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf89f1fda08b48.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfeadeb7541613.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfff7a2e6aa93.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d041e914e2aa29.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08ff58015d19a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2013-01-12 14:42 - 2006-02-23 12:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2013-01-12 14:42 - 2006-02-22 11:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-28 18:50 - 2013-05-28 18:50 - 00218112 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2013-04-28 17:51 - 2013-06-20 13:03 - 00386216 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-04-28 17:51 - 2013-06-09 16:05 - 00518824 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-04-28 17:51 - 2013-06-09 16:05 - 00612520 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2015-01-02 19:00 - 2014-12-08 08:27 - 06277952 _____ () C:\Users\Michael\AppData\Local\Amazon Music\Amazon Music Helper.exe
2013-11-17 13:21 - 2014-07-02 10:13 - 01427736 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe
2011-08-11 05:58 - 2011-08-11 05:58 - 00627304 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-05-28 18:44 - 2013-05-28 18:44 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2013-05-28 18:42 - 2013-05-28 18:42 - 00037888 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2013-05-28 18:41 - 2013-05-28 18:41 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2013-05-28 18:44 - 2013-05-28 18:44 - 00069632 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2013-05-28 18:45 - 2013-05-28 18:45 - 00627712 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-11.dll
2012-06-28 16:58 - 2012-06-28 16:58 - 00435584 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\ulxmlrpcpp.dll
2014-10-15 21:15 - 2014-10-15 21:15 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2011-11-24 07:12 - 2010-11-06 00:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-17 13:20 - 2014-07-02 10:13 - 09789208 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wgui14.dll
2013-11-17 13:20 - 2014-07-02 10:13 - 00035608 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsdcom48.dll
2013-11-17 13:20 - 2014-07-02 10:13 - 00309016 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rscorewinapi48.dll
2013-11-17 13:20 - 2014-07-02 10:13 - 00322840 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsguiwinapi48.dll
2013-11-17 13:20 - 2014-07-02 10:14 - 03880216 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wcore14.dll
2013-11-17 13:20 - 2014-07-02 10:13 - 00136472 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsodbc48.dll
2013-11-17 13:20 - 2014-07-02 10:13 - 02738456 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wfvie14.dll
2013-11-17 13:20 - 2014-07-02 10:13 - 02116376 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wsteu14.dll
2013-11-17 13:20 - 2014-07-02 10:13 - 01932568 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wreli14.dll
2013-11-17 13:20 - 2014-07-02 10:13 - 04326168 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wauff14.dll
2013-11-17 13:20 - 2014-02-11 12:53 - 01043456 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-core.dll
2013-11-17 13:20 - 2014-02-11 12:53 - 00094720 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-shared.dll
2013-11-17 13:20 - 2014-02-11 12:53 - 00250368 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-contribs-lib.dll
2013-11-17 13:20 - 2014-07-02 10:13 - 01564952 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wmain14.dll
2013-11-17 13:20 - 2014-07-02 10:13 - 05291288 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae114.dll
2013-11-17 13:20 - 2014-07-02 10:13 - 01698584 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae214.dll
2013-11-17 13:20 - 2014-07-02 10:13 - 01809688 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae314.dll
2013-11-17 13:20 - 2014-07-02 10:13 - 01627928 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae414.dll
2013-11-17 13:20 - 2014-07-02 10:13 - 01117976 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\whau114.dll
2013-11-17 13:20 - 2014-07-02 10:13 - 01341208 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\whau214.dll
2013-11-17 13:20 - 2014-07-02 10:13 - 01309464 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wwerb14.dll
2013-11-17 13:20 - 2014-07-02 10:13 - 07340824 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wkont14.dll
2013-11-17 13:20 - 2014-07-02 10:13 - 01286936 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wimp14.dll
2013-11-17 13:20 - 2014-07-02 10:13 - 01331480 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wfabu14.dll
2015-05-21 07:47 - 2015-05-21 07:47 - 00043008 _____ () c:\users\michael\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8ydxhn.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Michael\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Michael\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Michael\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Michael\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2011-08-11 05:57 - 2011-08-11 05:57 - 00151656 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-05-21 07:46 - 2015-05-21 07:46 - 00098816 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\win32api.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00110080 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\pywintypes27.dll
2015-05-21 07:46 - 2015-05-21 07:46 - 00364544 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\pythoncom27.dll
2015-05-21 07:46 - 2015-05-21 07:46 - 00045568 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\_socket.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 01161216 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\_ssl.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00320512 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\win32com.shell.shell.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00713216 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\_hashlib.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 01175040 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\wx._core_.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00805888 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\wx._gdi_.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00811008 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\wx._windows_.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 01062400 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\wx._controls_.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00735232 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\wx._misc_.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00682496 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\pysqlite2._sqlite.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00128512 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\_elementtree.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00127488 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\pyexpat.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00087552 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\_ctypes.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00119808 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\win32file.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00108544 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\win32security.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00007168 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\hashobjs_ext.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00017408 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\usb_ext.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00167936 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\win32gui.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00018432 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\win32event.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00013824 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\common.time34.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00036864 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\_psutil_windows.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00038912 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\win32inet.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00011264 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\win32crypt.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00070656 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\wx._html2.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00027136 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\_multiprocessing.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00020480 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\_yappi.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00035840 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\win32process.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00686080 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\unicodedata.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00122368 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\wx._wizard.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00024064 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\win32pipe.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00010240 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\select.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00025600 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\win32pdh.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00525640 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\windows._lib_cacheinvalidation.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00017408 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\win32profile.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00022528 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\win32ts.pyd
2015-05-21 07:46 - 2015-05-21 07:46 - 00078336 _____ () C:\Users\Michael\AppData\Local\Temp\_MEI53722\wx._animate.pyd
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\bayer.com -> hxxps://mymail.bayer.com
IE restricted site: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\...\123simsen.com -> www.123simsen.com
There are 6845 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3665776361-1376430445-3332247537-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [{C9D242DC-25AF-4AF2-BB94-DAB940B3A60D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3C47A78D-7CCA-4D2E-A2B7-E41DEC3FB628}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{EF2AD903-CA8A-48B8-BA8D-AC8AF551734A}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{7E9724D4-BBC2-4F08-A50C-B5CB49993F4A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9597C05A-1907-40A9-B1FA-916B94D1DCED}] => (Allow) LPort=2869
FirewallRules: [{600BA4A8-53A4-488A-A939-FD6B7E5939A7}] => (Allow) LPort=1900
FirewallRules: [{ED91579B-7073-4D88-BAA2-EF8754A652D9}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{388D3D32-53CD-44B6-9323-AB004EF5B290}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{8FE7A59D-113B-4438-84C0-B111496F1CD5}] => (Allow) E:\fsetup.exe
FirewallRules: [{95FE17A3-C1D4-4425-88B5-F0028D7C06FF}] => (Allow) E:\fsetup.exe
FirewallRules: [{E759168D-02CB-4F7F-9789-A00E3C4C33ED}] => (Allow) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
FirewallRules: [{0DF8F296-597C-48D1-9378-706B92E8C884}] => (Allow) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
FirewallRules: [{04364AA0-AAC0-4CA3-9F35-373342E92752}] => (Allow) C:\Program Files\FRITZ!DSL\FBOXUPD.EXE
FirewallRules: [{9B275731-692F-439E-AFEB-1BADAB356C7A}] => (Allow) C:\Program Files\FRITZ!DSL\FBOXUPD.EXE
FirewallRules: [{176F6BD2-E313-4ACD-A144-59FD12CB2D72}] => (Allow) C:\Program Files\FRITZ!DSL\WebwaIgd.exe
FirewallRules: [{C2678EC3-1C35-4B04-B92C-D01FF239B191}] => (Allow) C:\Program Files\FRITZ!DSL\WebwaIgd.exe
FirewallRules: [{71DF01A8-3686-4D06-BEF4-56CDDFDB8AD3}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{763B9429-FF6F-4D99-BA7E-7E69B5EC8DB1}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{82F39FD0-930D-404E-8527-E4DE962866CE}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{D1A32A56-F835-4D22-9FB1-43F39DF56B9E}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{0F0DEA32-5E0E-476B-B6F1-F125CB2BE877}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{E2F8D7EF-B881-4C99-9F39-22E35427B00C}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{3861C9F6-A5B8-4F20-B2DB-1E495564DB20}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{0500228A-C9AA-4EBD-9AD2-48446376E7F4}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{ADC8774B-A50A-43FC-B580-A6417F7DE597}] => (Allow) LPort=4481
FirewallRules: [{FE9A06C4-46CD-4772-8F35-BA3C46DBE2A1}] => (Allow) LPort=4481
FirewallRules: [{52BB8DF9-6381-4CC4-A793-831E1E6004BE}] => (Allow) LPort=4482
FirewallRules: [{3B34CFC9-0B67-49DC-9234-4E72BE801B5F}] => (Allow) LPort=4482
FirewallRules: [{E455E453-8EF5-4C02-B3B4-421ABC807F65}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{03E17A5A-B0CC-47E9-BAD5-C75A8C7C44B1}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{8DAE088C-D404-415E-8926-2F3507A41FA6}] => (Allow) LPort=4481
FirewallRules: [{568F1D79-2097-4DE4-BAD1-3B94093A530A}] => (Allow) LPort=4481
FirewallRules: [{EFDA4574-D805-45A3-89F3-730FDE578304}] => (Allow) LPort=4482
FirewallRules: [{69B928F6-04A0-4298-9B3C-6B7ACC7A6EC9}] => (Allow) LPort=4482
FirewallRules: [{D2E880E5-AEA1-46ED-898A-6A869E77B66D}] => (Allow) C:\Users\Michael\AppData\Local\Temp\_ISTMP3.DIR\_ISTMP0.DIR\igd_finder.exe
FirewallRules: [{3C4EA169-3582-4139-8D9E-B2289F585402}] => (Allow) C:\Users\Michael\AppData\Local\Temp\_ISTMP3.DIR\_ISTMP0.DIR\igd_finder.exe
FirewallRules: [{25DCF301-824F-4AAC-B756-B424AF758F22}] => (Allow) LPort=5031
FirewallRules: [{017C46D6-584C-4DA9-8532-7E57F5ACFF03}] => (Allow) C:\Users\Michael\AppData\Local\Temp\_ISTMP3.DIR\_INS5576._MP
FirewallRules: [{6C07132D-B959-40B0-A5E1-9381AB7B1C9C}] => (Allow) C:\Users\Michael\AppData\Local\Temp\_ISTMP3.DIR\_INS5576._MP
FirewallRules: [{8B142A97-0976-4D90-9368-DA57B6AAC677}] => (Allow) C:\Users\Michael\AppData\Local\Temp\7zS5804\HPDiagnosticCoreUI.exe
FirewallRules: [{73889DA0-43A0-46C8-8CE2-901C1480D76B}] => (Allow) C:\Users\Michael\AppData\Local\Temp\7zS5804\HPDiagnosticCoreUI.exe
FirewallRules: [{12064533-AE2E-4FD1-A04D-84761BD33E69}] => (Allow) C:\Users\Michael\AppData\Local\Temp\7zS5961\hppiw.exe
FirewallRules: [{76FB54EB-A124-4BBB-BB3B-3FCE364671B7}] => (Allow) C:\Users\Michael\AppData\Local\Temp\7zS5961\hppiw.exe
FirewallRules: [{12C49088-AC2B-41B3-9A8B-17329787105A}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\FaxApplications.exe
FirewallRules: [{7D58C282-6184-40FA-B1E9-B88575459B1A}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\DigitalWizards.exe
FirewallRules: [{51E6148A-6E4C-47FF-BA1B-B903F393D5AE}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\SendAFax.exe
FirewallRules: [{7D085111-33A0-411D-A569-C9CA20B02D8A}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe
FirewallRules: [{6A16B531-25B3-488F-80A0-42725A2DC96D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{7D309AEE-D794-48BE-8F17-4615E3611BCD}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{B6323A56-ED26-4469-B3C2-FC140CE56DB0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe
FirewallRules: [{85BCD67E-C592-4F48-8988-FC32AC54D0D9}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{2F0214AC-E971-4A23-A7CA-81578925B65F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{F17E1B7C-2E36-47E8-AD0C-EA00A86910AA}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{2BBE5713-307F-4357-9FCA-95BCD3CBA5FE}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{81C86BF7-1306-48BB-9818-DD02A255512B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{9F570D08-D86B-4AE3-B9B4-C4F87AD1C4DF}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{EEE78BE8-8619-4972-BAD8-1C7F4D12C781}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{3B2F7565-7D7C-4780-8E4D-8743DEF9B36A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
FirewallRules: [{198864CE-CD10-4C99-BED4-2F4776406330}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\PlayMovie.exe
FirewallRules: [{CCBD6139-73A0-4808-941A-6A9AF6C22291}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{835101D6-156A-4027-B96D-9B62E562C48B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{6841C0F7-C1CD-44B5-84D4-4B980436EAA3}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{E1732156-0092-4927-BEC2-CC4B98FD19F3}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{8F42CF1E-43AE-4340-933F-B5B8B8949180}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{8828AAC2-9F98-41C5-B32B-24283D063037}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D6C4729D-BC9D-4EEE-8AD0-6303381D8574}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B0920B14-F1C9-405B-91FA-D9933AA65A04}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5B174C98-464A-433E-964D-8A5EE9C9E8EE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E0957D46-DACD-4A59-AC15-A24D0DCBE9BE}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{92AE468D-DCF2-46CB-9BE5-354E1664C7C8}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{C24C8CBE-BC4D-4E17-A37E-CEA09DFA0A25}] => (Allow) C:\Users\Kerstin(1)\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{620AE8BA-C9EA-419E-94E0-00DECB5E0E06}] => (Allow) C:\Users\Kerstin(1)\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{2CD4582C-2903-4A96-9401-AFEEA51CDB50}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{033B7368-8B98-4E99-A12E-5816EF7B5FCE}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{F09D235F-1111-4387-8B6A-CE939F3E0E6A}] => (Allow) C:\Program Files (x86)\FRITZ!Box-Kindersicherung\avmident.exe
FirewallRules: [{B38F3C9A-2096-469C-A305-21D6861FF3F7}] => (Allow) C:\Program Files (x86)\FRITZ!Box-Kindersicherung\avmident.exe
FirewallRules: [{F304595D-4C61-4B9A-BCE0-9FE19F073B2C}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Anno4.exe
FirewallRules: [{8CBC0F82-BF4E-4EC0-AC68-E3001567775A}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Anno4.exe
FirewallRules: [{3011FF30-5F17-48F9-8C84-3A4777535953}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Addon.exe
FirewallRules: [{FF96BB1B-558F-4990-91C8-4E4D2FA10254}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Addon.exe
FirewallRules: [{BFADD09D-72E5-4D79-8A44-B9A9645DBE87}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Anno4Web.exe
FirewallRules: [{BD150C6E-CDA3-4003-8A04-D98BE435618B}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Anno4Web.exe
FirewallRules: [{1512ADE2-6EFF-4D45-AD57-E9C5B220CA9D}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\AddonWeb.exe
FirewallRules: [{0130F6AD-FCE5-4E61-AD27-28B65163BFBC}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\AddonWeb.exe
FirewallRules: [{A77FEDFE-05A2-4A41-881B-EA2F378975D5}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Benchmark.exe
FirewallRules: [{A2C7781F-3A84-4476-980A-0B6CB2776ECE}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Benchmark.exe
FirewallRules: [{936CDF9C-21B0-49EC-B52D-F997BC42AABE}] => (Allow) C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FCF49220-9855-4FD5-9828-6E734E926362}] => (Allow) C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{2A51E31E-0825-4364-93A9-53B3111D4BEE}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{1DB5141C-2C7E-40E7-BD66-913BD4598F23}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{44CE2C93-06B4-46AF-AADB-422B81A0DAFB}C:\users\michael\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\michael\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{BBD53D6A-1025-4870-B795-89896280248E}C:\users\michael\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\michael\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{5238C553-D394-4075-9D3E-8D225137B983}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CF0DE276-C226-4232-A414-96F068B790DF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{0A88D139-9D09-470A-B142-4F89F58DC8DF}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{7676DAC4-29C8-43B0-A342-7F48B24E1E83}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{BF9CF787-F1FD-4435-A239-8C46C3F0CF24}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{EC599DB0-83EE-44E2-B26A-DEBC3D01BEA9}C:\users\antonia\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\antonia\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{CAD62162-5C9A-4470-B683-DAED6BCB517A}C:\users\antonia\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\antonia\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{4A35D0C8-FFFB-40F6-95B1-B55D33815992}C:\users\kerstin(1)\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kerstin(1)\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{8F250A55-1BAA-45AF-A210-774AAC9CD52F}C:\users\kerstin(1)\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kerstin(1)\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{EA8692AD-A1CC-4676-AD47-FC393025FDAF}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{1492FE07-7953-40AC-BCAE-81D5DE405213}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{BF0841E8-53A8-49B3-9686-0C30823FFDAC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{AEB1050A-42F9-4040-956A-94887CE7C7E5}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{813AC702-46A5-46F5-8DD2-3CB04FDD0AE8}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe
==================== Faulty Device Manager Devices =============
Name: Officejet Pro 8500 A910
Description: Officejet Pro 8500 A910
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Officejet Pro 8500 A910
Description: Officejet Pro 8500 A910
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/21/2015 08:03:36 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Error: (05/21/2015 07:44:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/20/2015 11:11:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8bfa
Ausnahmecode: 0xc000000d
Fehleroffset: 0x000000000006ec12
ID des fehlerhaften Prozesses: 0xa38
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3
Error: (05/20/2015 10:55:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/20/2015 04:07:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/20/2015 08:06:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/19/2015 09:27:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8bfa
Ausnahmecode: 0xc000000d
Fehleroffset: 0x000000000006ec12
ID des fehlerhaften Prozesses: 0x998
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3
Error: (05/19/2015 07:08:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/19/2015 07:55:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/18/2015 11:08:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8bfa
Ausnahmecode: 0xc000000d
Fehleroffset: 0x000000000006ec12
ID des fehlerhaften Prozesses: 0x944
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3
System errors:
=============
Error: (05/21/2015 07:48:15 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Search" wurde nicht richtig gestartet.
Error: (05/21/2015 07:44:19 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (05/20/2015 11:11:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Diagnostics Tracking Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/20/2015 11:11:39 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (05/20/2015 10:54:15 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (05/20/2015 10:53:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Device Interaction Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (05/20/2015 10:53:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Device Interaction Service erreicht.
Error: (05/20/2015 10:48:00 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (05/20/2015 10:48:00 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (05/20/2015 10:29:12 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Microsoft Office Sessions:
=========================
Error: (05/21/2015 08:03:36 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Users\Michael\Desktop\Trojan Tools\esetsmartinstaller_deu.exe
Error: (05/21/2015 07:44:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/20/2015 11:11:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.18839553e8bfac000000d000000000006ec12a3801d0933efc0f6a3bC:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dlld5f7c9a7-ff34-11e4-8621-bc05430c7d61
Error: (05/20/2015 10:55:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/20/2015 04:07:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/20/2015 08:06:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/19/2015 09:27:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.18839553e8bfac000000d000000000006ec1299801d092563f8697bcC:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll1974c7e8-fe5d-11e4-89d8-bc05430c7d61
Error: (05/19/2015 07:08:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/19/2015 07:55:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/18/2015 11:08:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.18839553e8bfac000000d000000000006ec1294401d0912e0d83f9b2C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dllf65341fb-fda1-11e4-89e3-bc05430c7d61
CodeIntegrity Errors:
===================================
Date: 2015-05-14 10:15:32.954
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-05-14 10:15:32.894
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-12-30 22:58:28.892
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-12-30 22:58:28.817
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-12-30 22:58:26.548
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-12-30 22:58:26.472
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-12-30 22:58:24.288
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-12-30 22:58:24.213
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-12-30 22:58:22.059
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-12-30 22:58:21.995
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 52%
Total physical RAM: 4078.01 MB
Available physical RAM: 1953.88 MB
Total Pagefile: 8154.22 MB
Available Pagefile: 5455.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:455.45 GB) (Free:84.88 GB) NTFS
Drive d: (DATA) (Fixed) (Total:455.96 GB) (Free:238.47 GB) NTFS
Drive i: (Elements) (Fixed) (Total:931.51 GB) (Free:421.56 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D991B2E7)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=455.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=456 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0025BE3D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Weitere Infos:
- meine Banksoftware hat eine Veränderung erkannt und als möglicherweise kritisch Angezeigt:
127.0.0.1 localhost
- Avira Support hat mich einige Änderungen durchführen lassen, ohne effekt
Hi
Avira hat mir nun folgendes geschrieben: Code:
Sehr geehrte Damen und Herren,
vielen Dank für Ihre Rückmeldung.
In diesem Fall liegt die Ursache an veralteten Internetzertifikaten. Um diese zu aktualisieren gehen Sie bitte wie folgt vor:
Laden Sie sich bitte zunächst folgende Datei herunter:
hxxp://download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/rootsupd.exe
WICHTIG: Wählen Sie als Speicherort Ihre Festplatte C: aus. :
Anschließend gehen Sie bitte wie folgt vor :
Windows 7 :
- klicken Sie auf "Start" -> "Alle Programme" -> "Zubehör"
- klicken Sie mit der rechten Maustaste auf "Eingabeaufforderung" und danach auf "als Administrator ausführen"
- in der schwarzen Konsole geben Sie bitte folgenden Befehl ein : "cd C:\" (ohne die "") und bestätigen Sie mit Enter
- nun geben Sie folgenden Befehl ein : "rootsupd.exe /Q " (ohne die "") und bestätigen Sie mit Enter
- schließen Sie das Fenster nach ca. 5 Minuten.
Soll ich das durchführen? |
