| Pelzbeere | 04.03.2015 15:16 |
Vielen Dank!
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2015
Ran by ***** (administrator) on *****-LAP on 04-03-2015 14:41:14
Running from C:\Users\*****\Desktop
Loaded Profiles: ***** (Available profiles: ***** & Unzugriff & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Foxit Software Inc.) C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Dropbox, Inc.) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_305_ActiveX.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1814312 2009-08-14] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [825864 2009-09-24] (Dritek System Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-1544005099-1477667473-460764477-1003\...\Run: [ISUSPM Startup] => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
HKU\S-1-5-21-1544005099-1477667473-460764477-1003\...\Run: [Spiele Post] => C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe
HKU\S-1-5-21-1544005099-1477667473-460764477-1003\...\Run: [PC Speed Maximizer] => C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe
HKU\S-1-5-21-1544005099-1477667473-460764477-1003\...\Run: [Sony PC Companion] => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
HKU\S-1-5-21-1544005099-1477667473-460764477-1003\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Plants_Vs_Zombies_2_Full_Setup.lnk
ShortcutTarget: Plants_Vs_Zombies_2_Full_Setup.lnk -> C:\ProgramData\{1030d19f-da3c-f001-1030-0d19fda3467f}\Plants_Vs_Zombies_2_Full_Setup.exe (No File)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKU\S-1-5-21-1544005099-1477667473-460764477-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-1544005099-1477667473-460764477-1003 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\S-1-5-21-1544005099-1477667473-460764477-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=VIATDF&PC=VIATDF&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1544005099-1477667473-460764477-1003 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE364
BHO: ExsTraCoupon -> {8cecb26b-976f-4c5b-9e6e-e801eb4d475a} -> C:\Program Files (x86)\ExsTraCoupon\54rS6hsFGlWIF4.x64.dll ()
BHO: NeetoCouponn -> {98975c39-04fc-4bac-8b75-62d74176dd62} -> C:\Program Files (x86)\NeetoCouponn\oC8JcXCUIIEeC0.x64.dll ()
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Eyeo GmbH)
BHO-x32: Microsoft.Search.HRSToolBar.InitToolbarBHO -> {1d970ed5-3eda-438d-bffd-715931e2775d} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: ExsTraCoupon -> {8cecb26b-976f-4c5b-9e6e-e801eb4d475a} -> C:\Program Files (x86)\ExsTraCoupon\54rS6hsFGlWIF4.dll ()
BHO-x32: NeetoCouponn -> {98975c39-04fc-4bac-8b75-62d74176dd62} -> C:\Program Files (x86)\NeetoCouponn\oC8JcXCUIIEeC0.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Eyeo GmbH)
Toolbar: HKLM-x32 - Bing HRS Toolbar - {c9a6357b-25cc-4bcf-96c1-78736985d414} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1544005099-1477667473-460764477-1003 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-1544005099-1477667473-460764477-1003 -> No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 62.117.1.25 89.16.129.25
FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\qs2zf5u1.default-1425425749517
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @alawar.com/npapi -> C:\Windows\npapi.dll (Alawar)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1544005099-1477667473-460764477-1003: @yahoo.com/BrowserPlus,version=2.9.8 -> C:\Users\*****\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\qs2zf5u1.default-1425425749517\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-04]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-20]
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [mibfbmhijjgpkmobcfdlelpccpeafoom] - No Path Or update_url value
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 2e873f60; c:\Program Files (x86)\SegmentAmplifier\SegmentAmplifier.dll [1633792 2015-02-24] () [File not signed]
R2 FoxitCloudUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [242912 2014-09-11] (Foxit Software Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed]
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 Boonty Games; "C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe" [X]
S2 FreemakeVideoCapture; "C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2013-04-21] ()
S3 int15.sys; C:\Windows\System32\OEM\Factory\int15.sys [17952 2008-03-28] (Acer, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2013-04-21] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-04 14:41 - 2015-03-04 14:43 - 00018903 _____ () C:\Users\*****\Desktop\FRST.txt
2015-03-04 14:41 - 2015-03-04 14:41 - 00000000 ____D () C:\FRST
2015-03-04 14:39 - 2015-03-04 14:39 - 02092544 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2015-03-03 22:53 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-03 22:53 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-03 22:53 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-03 22:53 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-03-03 15:13 - 2015-03-03 15:14 - 00000000 ____D () C:\Program Files (x86)\Red Ball
2015-03-03 15:13 - 2015-03-03 15:14 - 00000000 ____D () C:\Program Files (x86)\NeetoCouponn
2015-03-03 15:13 - 2015-03-03 15:14 - 00000000 ____D () C:\Program Files (x86)\ExsTraCoupon
2015-03-03 15:13 - 2015-03-03 15:13 - 00000000 ____D () C:\Program Files (x86)\DigiSaVEr
2015-03-01 23:14 - 2015-03-01 23:14 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Opera Software
2015-03-01 23:14 - 2015-03-01 23:14 - 00000000 ____D () C:\Users\*****\AppData\Local\AlawarWrapper
2015-03-01 23:13 - 2015-03-01 23:13 - 00000000 ____D () C:\Users\*****\AppData\Local\Yandex
2015-03-01 23:13 - 2015-03-01 23:13 - 00000000 ____D () C:\Users\*****\AppData\Local\Amigo
2015-03-01 23:12 - 2015-03-01 23:14 - 00000000 ____D () C:\ProgramData\AlawarWrapper
2015-03-01 16:15 - 2015-03-04 00:35 - 00000000 ____D () C:\Users\*****\Desktop\Alte Firefox-Daten
2015-03-01 03:11 - 2015-03-03 23:54 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-01 03:10 - 2015-03-01 03:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-01 03:10 - 2015-03-01 03:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-01 03:10 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-01 03:10 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-28 14:52 - 2015-02-28 14:52 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-25 15:47 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 15:47 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-25 15:45 - 2015-02-26 00:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-02-24 23:57 - 2015-02-24 23:57 - 00003146 _____ () C:\Windows\System32\Tasks\{00A159F0-1B5F-4199-8E6E-7A64BE437FB7}
2015-02-24 17:18 - 2015-02-24 17:18 - 00000000 ____D () C:\Program Files (x86)\SegmentAmplifier
2015-02-24 17:17 - 2015-02-24 17:17 - 00000000 ____D () C:\Program Files (x86)\LiveHive Extension
2015-02-24 17:16 - 2015-03-03 15:13 - 00000000 ____D () C:\ProgramData\7549933180985827316
2015-02-24 17:16 - 2015-03-01 15:19 - 00000000 ____D () C:\ProgramData\{1030d19f-da3c-f001-1030-0d19fda3467f}
2015-02-24 17:16 - 2015-02-24 17:16 - 00000000 ____D () C:\Program Files (x86)\UeniuDealsi
2015-02-24 02:24 - 2015-02-24 02:24 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-02-18 11:29 - 2015-02-18 11:29 - 00000606 _____ () C:\Users\*****\Desktop\vpnclient-winx64-msi-5.0.07.0440-k9 - Verknüpfung.lnk
2015-02-12 14:46 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 14:46 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 14:46 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 14:46 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 15:43 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 15:43 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 15:43 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 15:43 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 15:43 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 15:43 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 15:43 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 15:43 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 15:43 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 15:43 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 15:43 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 15:43 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 15:43 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 15:43 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 15:43 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 15:43 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 15:43 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 15:43 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 15:43 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 15:43 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 15:43 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 15:43 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 15:43 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 15:43 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 15:43 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 15:43 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 15:43 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 15:43 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 15:43 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 15:43 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 15:43 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 15:43 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 15:43 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 15:43 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 15:43 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 15:43 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 15:43 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 15:43 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 15:43 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 15:43 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 15:43 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 15:43 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 15:43 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 15:43 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 15:43 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 15:43 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 15:43 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 15:43 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 15:43 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 15:43 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 15:43 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 15:43 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 15:43 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 15:43 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 15:43 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 15:43 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 15:43 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 15:43 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 15:43 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 15:43 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 15:43 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 15:43 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 15:43 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 15:43 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 15:43 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 15:43 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 15:43 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 15:43 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 15:43 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 15:43 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 15:43 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 15:43 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 15:43 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 15:43 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 15:43 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 15:43 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 15:42 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 15:42 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 15:42 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 15:42 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 15:42 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 15:42 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 15:42 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 15:42 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 15:42 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 15:42 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 15:42 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 15:42 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 15:42 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 15:42 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 15:42 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 15:42 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 15:42 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 15:42 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 15:42 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 15:42 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 15:42 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 15:42 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 15:42 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 15:42 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 15:42 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 15:42 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-11 15:41 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 15:41 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 15:41 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 15:41 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 15:41 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 15:40 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 15:40 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 15:40 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 15:40 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 15:40 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 15:40 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 15:40 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 15:38 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-04 14:33 - 2013-07-26 07:20 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-04 14:22 - 2009-07-07 17:28 - 02063242 _____ () C:\Windows\WindowsUpdate.log
2015-03-04 14:20 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-04 14:20 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-04 14:15 - 2013-01-09 22:40 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8B78B3AB-BEB3-4F0B-BAE7-A1B6FC8131DF}
2015-03-04 14:15 - 2012-01-12 15:40 - 00000000 ___RD () C:\Users\*****\Dropbox
2015-03-04 14:14 - 2012-01-12 15:11 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Dropbox
2015-03-04 14:11 - 2013-06-30 01:02 - 00177678 _____ () C:\Windows\setupact.log
2015-03-04 14:11 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-04 04:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-03-04 01:21 - 2013-02-09 16:27 - 00000000 ____D () C:\Users\*****\Documents\Forum
2015-03-03 15:18 - 2011-02-17 00:05 - 00000000 ____D () C:\Users\*****\Documents\Medizinisches
2015-03-03 14:17 - 2010-03-18 06:23 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-02 14:11 - 2013-06-30 21:28 - 00307104 _____ () C:\Windows\PFRO.log
2015-03-01 03:58 - 2014-03-26 22:59 - 00000000 ____D () C:\Users\*****\AppData\Roaming\DigitalSites
2015-03-01 03:58 - 2014-01-04 01:32 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Systweak
2015-03-01 03:10 - 2014-01-06 04:16 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Malwarebytes
2015-03-01 03:10 - 2014-01-06 04:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-28 14:52 - 2013-12-20 12:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-27 03:03 - 2015-01-05 14:46 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2015-02-27 02:50 - 2014-12-17 18:08 - 00000000 ____D () C:\Users\*****\Documents\InterkulturellesSofa
2015-02-26 13:10 - 2012-09-27 16:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-24 15:12 - 2011-11-14 17:10 - 00000000 ____D () C:\Users\*****\Documents\Versicherungen
2015-02-24 15:02 - 2013-02-05 13:43 - 00000000 ____D () C:\Users\*****\Documents\Job
2015-02-24 07:16 - 2015-01-24 15:41 - 00000000 ____D () C:\Program Files (x86)\uonisalEs
2015-02-24 07:16 - 2014-01-05 11:06 - 00000000 ____D () C:\Program Files (x86)\PC Speed Maximizer
2015-02-24 07:16 - 2014-01-04 02:48 - 00000000 ____D () C:\ProgramData\Updater
2015-02-24 07:16 - 2014-01-04 01:56 - 00000000 ____D () C:\Program Files (x86)\BitLord 2
2015-02-24 07:16 - 2010-01-31 12:48 - 00000000 ____D () C:\Users\*****
2015-02-13 15:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-12 14:35 - 2012-01-12 15:11 - 00003385 _____ () C:\Windows\wininit.ini
2015-02-12 14:34 - 2012-01-12 15:40 - 00001014 _____ () C:\Users\*****\Desktop\Dropbox.lnk
2015-02-12 14:34 - 2012-01-12 15:39 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-12 01:01 - 2009-07-14 05:45 - 00419216 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 00:58 - 2014-12-11 04:28 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 00:58 - 2014-05-07 10:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 18:17 - 2013-07-22 22:58 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-11 18:17 - 2013-07-22 22:58 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-02-11 18:17 - 2013-07-22 22:58 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-11 18:17 - 2013-07-22 22:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-11 18:16 - 2013-07-19 02:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 18:10 - 2010-03-09 16:34 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 00:40 - 2014-02-14 12:41 - 00000000 ____D () C:\Users\*****\Documents\Instrumente lernen
2015-02-04 23:33 - 2013-07-26 07:20 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-04 23:33 - 2013-07-26 07:20 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-04 23:33 - 2013-07-26 07:20 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-03 03:46 - 2014-01-31 23:40 - 00000000 ____D () C:\Users\*****\Documents\Ernährung
==================== Files in the root of some directories =======
2009-10-20 00:31 - 2009-02-10 20:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2014-01-04 01:58 - 2014-01-04 02:53 - 0000000 _____ () C:\Users\*****\AppData\Roaming\bitlord_log.txt
2010-05-06 11:33 - 2014-07-03 10:48 - 0000235 _____ () C:\Users\*****\AppData\Roaming\devices.xml
2014-03-26 16:23 - 2014-03-26 16:23 - 0000000 _____ () C:\Users\*****\AppData\Roaming\PDFConverterApp
2010-05-06 11:33 - 2014-07-03 10:48 - 0000012 _____ () C:\Users\*****\AppData\Roaming\settings.xml
2006-12-11 19:13 - 2006-12-11 19:13 - 0097336 _____ (Un4seen Developments) C:\Users\*****\AppData\Local\bass.dll
2006-12-11 19:13 - 2006-12-11 19:13 - 0013872 _____ (Un4seen Developments) C:\Users\*****\AppData\Local\basscd.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 0102912 _____ (Albert L Faber) C:\Users\*****\AppData\Local\CDRip.dll
2013-01-27 08:29 - 2014-11-08 14:31 - 0010752 _____ () C:\Users\*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2007-08-13 17:46 - 2007-08-13 17:46 - 0155136 _____ () C:\Users\*****\AppData\Local\lame_enc.dll
2007-01-18 21:09 - 2007-01-18 21:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\*****\AppData\Local\No23 Recorder.exe
2005-08-23 22:34 - 2005-08-23 22:34 - 0029184 _____ () C:\Users\*****\AppData\Local\no23xwrapper.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0015872 _____ () C:\Users\*****\AppData\Local\ogg.dll
2014-03-01 23:50 - 2014-04-01 00:58 - 0001473 _____ () C:\Users\*****\AppData\Local\RecConfig.xml
2013-05-27 21:30 - 2013-05-27 21:30 - 0000218 _____ () C:\Users\*****\AppData\Local\recently-used.xbel
2006-10-26 01:06 - 2006-10-26 01:06 - 0143872 _____ () C:\Users\*****\AppData\Local\vorbis.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0064000 _____ () C:\Users\*****\AppData\Local\vorbisenc.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0019456 _____ () C:\Users\*****\AppData\Local\vorbisfile.dll
2011-06-13 17:27 - 2011-06-13 17:28 - 0000000 _____ () C:\Users\*****\AppData\Local\{04D77F34-066C-44C4-90B1-A5B6C2E3CEC1}
2010-08-11 17:08 - 2010-08-11 17:08 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-10-20 00:31 - 2009-07-18 02:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2011-07-23 10:01 - 2011-07-23 10:01 - 0148736 _____ (Avanquest Software) C:\ProgramData\hpe95FC.dll
2015-01-01 18:57 - 2015-01-01 18:57 - 0148736 _____ (Avanquest Software) C:\ProgramData\hpe9B26.dll
2010-05-06 11:23 - 2010-05-06 11:28 - 0000191 _____ () C:\ProgramData\hpzinstall.log
2010-04-24 22:34 - 2010-06-26 16:51 - 0000848 ___SH () C:\ProgramData\KGyGaAvL.sys
2010-05-17 01:00 - 2010-05-17 01:00 - 0001150 _____ () C:\ProgramData\ss.ini
2010-05-17 01:03 - 2010-05-17 01:03 - 0000033 _____ () C:\ProgramData\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini
Files to move or delete:
====================
C:\ProgramData\hpe95FC.dll
C:\ProgramData\hpe9B26.dll
C:\Users\*****\ashampoo_photo_commander_5_free_541_5021.exe
C:\Users\*****\FoxitReader605.0618_enu_Setup.exe
C:\Users\*****\vlc-2.0.0-win32-final.exe
Some content of TEMP:
====================
C:\Users\*****\AppData\Local\Temp\Checkupdate.exe
C:\Users\*****\AppData\Local\Temp\DivXSetup.exe
C:\Users\*****\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1ni2ra.dll
C:\Users\*****\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\*****\AppData\Local\Temp\Foxit Updater.exe
C:\Users\*****\AppData\Local\Temp\FreemakeVideoConverterFull.exe
C:\Users\*****\AppData\Local\Temp\gamebox.exe
C:\Users\*****\AppData\Local\Temp\gcapi_dll.dll
C:\Users\*****\AppData\Local\Temp\gtapi_signed.dll
C:\Users\*****\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\*****\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\*****\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\*****\AppData\Local\Temp\Quarantine.exe
C:\Users\*****\AppData\Local\Temp\RSPUpgradeInstaller.exe
C:\Users\*****\AppData\Local\Temp\setup.exe
C:\Users\*****\AppData\Local\Temp\SkypeSetup.exe
C:\Users\*****\AppData\Local\Temp\vlc-2.0.7-win32.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-23 01:52
==================== End Of Log ============================
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-03-2015
Ran by ***** at 2015-03-04 14:43:54
Running from C:\Users\*****\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.7.1 - Suyin Optronics Corp)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.01.0805 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3017 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3000 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{C27EF409-FB69-451F-B996-DC853C25FCA2}) (Version: 1.4 - Eyeo GmbH)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
Agatha Christie Doppel Pack (HKLM-x32\...\{882CD9AE-4076-48BD-8D9D-BA01251748BB}) (Version: 1.00.0 - The Adventure Company)
AoA Audio Extractor (HKLM-x32\...\{D1725D54-279A-40C5-A70D-23C1785DB920}_is1) (Version: - AoAMedia.com)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Photo Commander 5 FREE (HKLM-x32\...\Ashampoo Photo Commander 5 FREE_is1) (Version: 5.4.1 - ashampoo GmbH & Co. KG)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.34 - Avanquest Software)
Ballance (HKLM-x32\...\{42E0783D-3BA4-454B-B58A-BF26E49EB7DE}) (Version: - )
Bing HRS Toolbar (HKLM-x32\...\{3E2C0025-D900-40F2-A819-D97CE1D48C43}) (Version: 3.15.0 - Microsoft Corporation)
BitLord 2.3 (HKLM-x32\...\BitLord) (Version: 2.3.2-245 - House of Life)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Business Contact Manager für Outlook 2007 SP2 (HKLM-x32\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager für Outlook 2007 SP2 (x32 Version: 3.0.8619.1 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform)
CDex extraction audio (HKLM-x32\...\CDex) (Version: - )
Cheat Engine 6.0 (HKLM-x32\...\Cheat Engine 6.0_is1) (Version: - Dark Byte)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.9.0 - Conexant)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.0.46 - INTENIUM GmbH)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
Dropbox (HKU\S-1-5-21-1544005099-1477667473-460764477-1003\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
DVDx 4.0 Open Edition (HKLM-x32\...\DVDx 4.0 Open Edition) (Version: 4.0 (Open Edition) - labDV)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
eGames GameButler (HKLM-x32\...\eGames GameButler) (Version: - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Farm Frenzy 2 (HKLM-x32\...\Farm Frenzy 2) (Version: - )
FastStone Photo Resizer 3.1 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.1 - FastStone Soft.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.3.916 - Foxit Software Inc.)
Freemake Video Converter Version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
FUJIFILM MyFinePix Studio 3.2 (HKLM-x32\...\MyFinePix Studio_is1) (Version: - )
GameCatalog03.2013 (x32 Version: 1.00.0000 - Intenium GmbH) Hidden
Gardens Inc. 2 - The Road to Fame Platinum Edition (HKLM-x32\...\Gardens Inc. 2 - The Road to Fame Platinum Edition1.1) (Version: 1.1 - Foxy Games)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2202 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
InterVideo WinDVD 8 (HKLM-x32\...\InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}) (Version: 8.5.10.39 - InterVideo Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 7 Update 21 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170210}) (Version: 1.7.0.210 - Oracle)
Joe (HKLM-x32\...\{0AD3DEBC-5321-457E-8B43-8F546940169B}) (Version: 4.00.0050 - Wirth IT Design)
Kalenderchen 6 (HKU\S-1-5-21-1544005099-1477667473-460764477-1003\...\Kalenderchen 6) (Version: - )
K-Lite Codec Pack 6.4.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.4.0 - )
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.03 - Acer Inc.)
LiveHive Extension (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version: - ) <==== ATTENTION
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM-x32\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7C39E0D1-E138-42B1-B083-213EC2CF7692}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{1FBEA8BA-D40B-48BC-85BC-EE2D5575F27C}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 36.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0 (x86 de)) (Version: 36.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla)
Mozilla Thunderbird 31.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyDsc2 (HKLM-x32\...\{83d96ed0-98aa-4515-8ddc-816f3efdd104}) (Version: 1.00.000 - )
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
OLYMPUS Digital Camera Updater (HKLM-x32\...\{249AF4F3-0353-4C75-988D-019FCD52B4D4}) (Version: 1.0.2 - OLYMPUS IMAGING CORP.)
OLYMPUS Viewer 2 (HKLM-x32\...\{894A754D-8B40-4543-89B3-F30A49A8565A}) (Version: 1.2.1 - OLYMPUS IMAGING CORP.)
Panasonic Office Add-in del (HKLM-x32\...\{C215AE54-FF8D-4CE5-B449-2ED85DFC6C7D}) (Version: 1.0.0 - Panasonic)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.1 - Frank Heindörfer, Philip Chinery)
PeaZip 3.0 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: - Giorgio Tani)
Phenix-Q8 (x32 Version: 1.0.1.49 - Ihr Firmenname) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies 1.0.4.7924 (by Scar) (HKLM-x32\...\{0DE8527A-FE3E-4FCA-A023-D57EF0B796C9}_is1) (Version: - PopCap Games)
Pontifex Demo 10.19.01 (HKLM-x32\...\Pontifex Demo_is1) (Version: - Chronic Logic LLC)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30094 - Realtek Semiconductor Corp.)
Roads Of Rome (HKLM-x32\...\Roads Of Rome_is1) (Version: - Realore Studios)
Roads of Rome 2 (HKLM-x32\...\Roads of Rome 2_is1) (Version: - Realore Studios)
Royal Envoy 2 (HKLM-x32\...\Royal Envoy 2_is1) (Version: - Playrix Entertainment)
Royal Envoy™ (HKLM-x32\...\Royal Envoy™_is1) (Version: - Playrix Entertainment)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony Ericsson PC Suite 6.011.00 (HKLM-x32\...\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}) (Version: 6.011.00 - Sony Ericsson)
Sony PC Companion 2.10.245 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.245 - Sony)
StreamTransport version: 1.1.0.1 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
Sun ODF Plugin for Microsoft Office 3.2 (HKLM-x32\...\{BD136CE7-6666-4273-A056-8D92F8625AAB}) (Version: 3.2.9483 - Sun Microsystems)
SUPER © Version 2010.bld.37 (Jan 2, 2010) (HKLM-x32\...\SUPER ©) (Version: Version 2010.bld.37 (Jan 2, 2010) - eRightSoft)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.0.3 - Synaptics Incorporated)
Transcription iSS (HKLM-x32\...\{8AC20255-BE16-4100-9866-FED1D0EC5CAB}) (Version: 2.0.29 - ISS)
TuxGuitar (HKLM-x32\...\{03534DA5-2F88-4B8E-A978-849B979E1B8F}) (Version: 1.2 - Herac)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM-x32\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.5000.00 - Microsoft Corporation)
Updater (HKLM-x32\...\{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.0) (Version: 1.3.0 - Xvid Team)
Yahoo! BrowserPlus 2.9.8 (HKU\S-1-5-21-1544005099-1477667473-460764477-1003\...\Yahoo! BrowserPlus) (Version: - Yahoo! Inc.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1544005099-1477667473-460764477-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1544005099-1477667473-460764477-1003_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1544005099-1477667473-460764477-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1544005099-1477667473-460764477-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1544005099-1477667473-460764477-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1544005099-1477667473-460764477-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1544005099-1477667473-460764477-1003_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1544005099-1477667473-460764477-1003_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1544005099-1477667473-460764477-1003_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1544005099-1477667473-460764477-1003_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
20-02-2015 08:55:59 Windows Update
24-02-2015 02:07:01 Windows Update
25-02-2015 15:46:38 Windows Update
26-02-2015 01:27:57 Installed Adblock Plus for IE (32-bit and 64-bit)
27-02-2015 02:23:02 Installed Adblock Plus for IE (32-bit and 64-bit)
01-03-2015 15:31:00 Windows Update
04-03-2015 03:00:29 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {025CF1BF-CFBE-4499-AA85-BA28A1F116E0} - System32\Tasks\{48FD23B9-693F-4041-8025-452A46A13E52} => C:\Users\*****\Documents\UNI\quasi6\CIDI- das Programm\DIA-X\DIAX-CL.EXE
Task: {145577E3-4C64-4BDE-B246-297ED55781D2} - System32\Tasks\{9E7F9F8D-4660-4A02-8A77-A7AF65B42087} => C:\Program Files (x86)\FlashMute\flashmute.exe [2006-03-11] ()
Task: {159626B7-F524-4E51-A6F8-79D5D0928BAE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {160F1E8C-241D-429E-BD95-5D0115946AF4} - System32\Tasks\{76900AF9-B180-4CEA-9474-1AAAEF89A1C3} => pcalua.exe -a "C:\Program Files (x86)\Alawar\FarmFrenzy\Uninstall.exe"
Task: {168D0EE3-4904-43BB-AFA3-86B1649CC135} - System32\Tasks\{97A6964F-021B-4C0F-9D31-D4C29D1D33EB} => C:\Users\*****\Documents\UNI\quasi6\CIDI- das Programm\DIA-X\DIAX-CL.EXE
Task: {17492298-B09D-4610-B851-A22CA82D187E} - System32\Tasks\{F6CA7E35-E2D6-4146-A5C0-E084A7B4CC0D} => C:\Program Files (x86)\programme tgc\Farm 3\FarmFrenzy3.exe
Task: {25A61106-659E-4927-B6D2-E5B602307D2B} - System32\Tasks\{88B3675E-0B8A-40E4-B15A-EAFCAE15ACDF} => C:\Program Files (x86)\FlashMute\flashmute.exe [2006-03-11] ()
Task: {271AA7B9-EE8A-455D-A4F6-7D40C8696537} - System32\Tasks\{36156CD1-067F-493E-94D6-C2BEBCE633BF} => C:\Users\*****\Documents\UNI\quasi6\CIDI- das Programm\DIA-X\DIAX-CL.EXE
Task: {29C7EC09-B5A4-4377-B8A8-8A1F5C458581} - System32\Tasks\{AAC3E4A5-F0B4-4590-853B-F05F8B308E82} => C:\Users\*****\Downloads\Roads.of.Rome.3.v1.0.Cracked-F4CG\setup-ror3.exe [2002-02-02] ()
Task: {2A28CB7B-E993-4AB0-BFE0-77CF62E2920F} - System32\Tasks\{4F38D4B4-F7DD-418D-A5BC-BF62D57FED3A} => pcalua.exe -a C:\Users\*****\Downloads\Anno1602XPInst\Setup_XP.exe -d C:\Users\*****\Downloads\Anno1602XPInst
Task: {2ADF792E-D616-4AFC-BF1E-DAED4E99FE8A} - System32\Tasks\{00DAC903-2264-44CE-8CB7-936C15208E53} => pcalua.exe -a D:\start.exe -d D:\
Task: {2F7E2861-DFE3-4BEA-A4EC-FC72491CC3FC} - System32\Tasks\{7A99D605-DD02-4036-8C4A-E4E36326FF28} => C:\Users\*****\Documents\UNI\quasi6\CIDI- das Programm\DIA-X\DIAX-CL.EXE
Task: {38069554-1FC6-4CC1-A36E-B1334AE539E5} - System32\Tasks\{8FCC183E-DE8B-4947-8520-4A9A258E51B7} => C:\Users\*****\Downloads\Roads.of.Rome.3.v1.0.Cracked-F4CG\setup-ror3.exe [2002-02-02] ()
Task: {38F8ECED-83B6-442C-8156-D03AE8B9D35F} - System32\Tasks\{0A579F1A-D525-46DC-9E46-F2EF64E7C8DA} => C:\Users\*****\Documents\UNI\quasi6\CIDI- das Programm\DIA-X\DIAX-CL.EXE
Task: {3C1090A4-EE5E-4B7E-AEAC-C6C5E8B0A324} - System32\Tasks\{6E7F385E-9186-4688-B7C5-F6AF12387C6E} => C:\Users\*****\Documents\UNI\quasi6\CIDI- das Programm\DIA-X\DIAX-CL.EXE
Task: {468F873D-F51F-4633-8147-5A87D7802DC5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {556567EA-96A1-4978-931E-F1643EB44944} - System32\Tasks\{B6404434-EFC6-4142-8063-F77B44765330} => C:\Users\*****\Documents\UNI\quasi6\CIDI- das Programm\DIA-X\DIAX-CL.EXE
Task: {5A7F3911-BA50-4264-85CA-31000EE80512} - System32\Tasks\{06394F14-CD9C-4D8B-99D4-4A5ED3F6CC63} => pcalua.exe -a "C:\Users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AWOL33JP\3426[1].exe" -d C:\Users\*****\Desktop
Task: {5AAAFFFD-1E35-4E6D-921C-1F9358B103F3} - System32\Tasks\{EB3AB74E-8BA1-4393-B201-4A4A95AEDA63} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {5B678EA3-09DC-4CE2-826B-AC2A5738697E} - System32\Tasks\{F8D72FD9-A0A6-435B-84F0-85F9D51C9C7C} => C:\Program Files (x86)\programme tgc\Farm 3\FarmFrenzy3.exe
Task: {615AB70A-FB87-47C4-B60D-4EDE8C2877EF} - System32\Tasks\{2FF99389-E8EA-42E3-A7FA-4C2EAE5A1BAA} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall PROHYBRIDR /dll OSETUP.DLL
Task: {62386782-C69D-4407-BDC3-697B7330FB37} - System32\Tasks\{13877F82-6C16-4E87-9AB8-5098911EE7B4} => C:\Program Files (x86)\LinCity-NG\lincity-ng.exe
Task: {62D25E9B-1A9B-43BE-B819-55D85B6E7FFB} - System32\Tasks\{05352849-11A1-4FC8-B856-40C976A71969} => C:\Users\*****\Documents\UNI\quasi6\CIDI- das Programm\DIA-X\DIAX-CL.EXE
Task: {62EA90BB-BB4F-43D5-BFEF-ED2248134E1D} - System32\Tasks\{EA18852B-8727-4C6C-BCC3-3B1266810BCD} => C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\Hpqdirec.exe [2003-03-31] (Hewlett-Packard Co.)
Task: {68B0B1E6-5678-4E7F-8A52-A205BADE5FA0} - System32\Tasks\{6E555BC9-6D69-4AE6-BCB8-2211B52BCE52} => C:\Users\*****\Downloads\Roads.of.Rome.3.v1.0.Cracked-F4CG\setup-ror3.exe [2002-02-02] ()
Task: {6A1B5A02-B915-4204-8D91-104A7789FC6A} - System32\Tasks\{EFBE8526-B87A-46A7-9F99-29F9895851F4} => C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2009-11-20] (Sony Ericsson Mobile Communications AB)
Task: {6F58B844-1093-4303-81E1-353E4A9CCBBC} - System32\Tasks\{7DD5C004-2772-4C2F-88F3-4AFA497DF75E} => C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2009-11-20] (Sony Ericsson Mobile Communications AB)
Task: {709DDD72-42C5-45E0-9065-D28B8A3AAFF2} - System32\Tasks\{E1DD7539-F01B-4A7E-B4C8-EFCC53504941} => C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2009-11-20] (Sony Ericsson Mobile Communications AB)
Task: {7258D1BD-7190-4202-8507-0363CE1383F3} - System32\Tasks\{6A9B072A-B395-4E24-A72F-011A89B827CA} => C:\Users\*****\Documents\UNI\quasi6\CIDI- das Programm\DIA-X\DIAX-CL.EXE
Task: {78390AF0-AC6F-4070-8D76-396A20D5E6FE} - System32\Tasks\{4E34B880-8C0C-4D5C-A5B3-92E8F1ABAC37} => C:\Program Files (x86)\programme tgc\Farm 3\FarmFrenzy3.exe
Task: {79C60FF0-6498-4293-BED1-50530570A160} - System32\Tasks\{5809E480-A85A-4075-9779-8970F9ED06CC} => C:\Program Files (x86)\programme tgc\Farm 3\FarmFrenzy3.exe
Task: {8108B765-8540-422E-9FA8-DC06A515D605} - System32\Tasks\{684CFC3E-6013-4326-8EE9-369DB8141C2F} => C:\Program Files (x86)\programme tgc\Farm 3\FarmFrenzy3.exe
Task: {83A8F4A0-0E29-46DC-BECA-AEF62B9C6DA7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {8510BC7C-2A7C-4171-AA69-B3E6942A2063} - System32\Tasks\{80AFF266-2234-4825-B3C8-80C1DA08B17A} => C:\Users\*****\Documents\UNI\quasi6\CIDI- das Programm\DIA-X\DIAX-CL.EXE
Task: {8E6C2E54-6DCF-4D1C-8CE5-51F5976EDD8E} - System32\Tasks\{C8E8C1FE-E02E-4EA2-8E55-E066CACE5060} => C:\Users\*****\Downloads\Roads.of.Rome.3.v1.0.Cracked-F4CG\setup-ror3.exe [2002-02-02] ()
Task: {93B4A041-FBC8-4C06-970E-FE54435765FE} - System32\Tasks\{BA122675-E6AF-472E-8C34-2F594831EEF4} => pcalua.exe -a "C:\Program Files (x86)\BlueStacks\HD-RuntimeUninstaller.exe"
Task: {95C4D97D-35DC-4556-8789-052D16C56F35} - System32\Tasks\{00A159F0-1B5F-4199-8E6E-7A64BE437FB7} => pcalua.exe -a C:\Users\*****\Desktop\Plants_Vs_Zombies_2_Full_Setup.exe -d C:\Users\*****\Desktop
Task: {98CE3479-09A5-43FD-9E4F-E7052378B767} - System32\Tasks\{6DE0B03D-CA4A-4791-998B-09A871801955} => C:\Program Files (x86)\programme tgc\Farm 3\FarmFrenzy3.exe
Task: {9BCAC6AB-B7D3-4168-B789-877732AC8DBE} - System32\Tasks\{339FD660-3AAD-44C9-A762-B749BD903DC3} => C:\Program Files (x86)\LinCity-NG\lincity-ng.exe
Task: {9C022177-8C3E-40DB-A5C9-DC9DCFDB82CC} - System32\Tasks\{54C4C999-86EE-4D20-98DC-121CFB882217} => pcalua.exe -a "C:\Users\*****\Desktop\Worms Armageddon\RegSetup.exe" -d "C:\Users\*****\Desktop\Worms Armageddon"
Task: {9E81A27F-6197-425D-949B-7E6FCC681E69} - System32\Tasks\{2ED3A9AD-43DB-4419-AEA3-86C6259CEBC4} => C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\Hpqdirec.exe [2003-03-31] (Hewlett-Packard Co.)
Task: {9F9F842C-9AE7-4E88-8806-F3F150218451} - System32\Tasks\{D34CC7B2-F7D5-42F9-B36D-1D29FDAC00D9} => D:\CD_Start.exe
Task: {A9006A99-6BB0-4235-9CE2-720577512EB1} - System32\Tasks\{D201A40C-05F5-4DC3-B48D-FA54B97DDAC1} => C:\Program Files (x86)\Panasonic\Voice Editing\Voice Editing.exe
Task: {AA2F3A97-A0C5-4660-897B-CDDABEA0E4FE} - System32\Tasks\{5336A037-B480-41B6-A4B7-33B81155642B} => C:\Users\*****\Documents\UNI\quasi6\CIDI- das Programm\DIA-X\DIAX-CL.EXE
Task: {AB710B86-6275-48A9-A916-84BC1C5B4195} - System32\Tasks\{DF9B2841-1E07-4824-9852-2101599264A5} => C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\Hpqdirec.exe [2003-03-31] (Hewlett-Packard Co.)
Task: {B43E5BD2-8738-405C-A48A-29EA02E6FD4E} - System32\Tasks\{35A703E3-9A80-4CD8-B300-E0ADB73E3BFE} => C:\Program Files (x86)\programme tgc\Farm 3\FarmFrenzy3.exe
Task: {B5D6CA75-44DF-4F99-80A5-57F5B6A392A6} - System32\Tasks\{A9848A0E-7267-4659-BA11-14AB5B7BA217} => C:\Program Files (x86)\programme tgc\Farm 3\FarmFrenzy3.exe
Task: {B6831881-AA4A-4E2D-9200-2C0F2EBAB8F8} - System32\Tasks\{0D4C02F2-FBF4-47BD-8F83-3D669AA1E235} => D:\CD_Start.exe
Task: {B8B8B94F-C567-4930-9F32-D6E99488E9BA} - System32\Tasks\{00C43038-38BD-421C-B298-2F9B4DAD9B38} => C:\Program Files (x86)\FlashMute\flashmute.exe [2006-03-11] ()
Task: {BC196D24-B6DD-4099-A59F-516FFFD50CF9} - System32\Tasks\{52FB61A7-0249-4D5B-9D34-5C0C32145869} => C:\Users\*****\Documents\UNI\quasi6\CIDI- das Programm\DIA-X\DIAX-CL.EXE
Task: {C59666B8-2EC5-4998-A506-A1D245E28D9E} - System32\Tasks\{7A2E9DF3-4AF7-4744-BAD6-D195E3FCE9F5} => C:\Users\*****\Documents\UNI\quasi6\CIDI- das Programm\DIA-X\DIAX-CL.EXE
Task: {C700D508-ADE5-488E-9FF1-501FC5741936} - System32\Tasks\{C1AC4DA1-BBBC-40B1-AD12-E8EE1AACB267} => pcalua.exe -a D:\AliceSetup.exe -d D:\
Task: {CC86E78B-62BC-4955-AE24-501B716D5B07} - System32\Tasks\{B7FBD7B4-18AD-4BAE-A81B-A70CCC49540A} => C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2009-11-20] (Sony Ericsson Mobile Communications AB)
Task: {D8000110-671D-4524-ADBE-30FC3E32A686} - System32\Tasks\{9AA3E5B7-DF32-4F60-83C3-6C728C23F39F} => C:\Users\*****\Desktop\Farm F. 3\FarmFrenzy3.exe
Task: {DA2D7E00-080E-4A72-9621-B7763982D750} - System32\Tasks\{A1716DCC-0E95-4C6A-BA1B-CAB89981F06B} => C:\Program Files (x86)\programme tgc\Farm 3\FarmFrenzy3.exe
Task: {DAD518B4-7B26-4DD9-9A1F-313CB6291DE9} - System32\Tasks\{1175C27D-6E7B-4C69-81F0-756C3621EEB3} => C:\Program Files (x86)\Panasonic\Voice Editing\Voice Editing.exe
Task: {E5CBA46D-06C1-4170-9FBE-239FDA12CF03} - \DSite No Task File <==== ATTENTION
Task: {E7F27DCE-B494-422F-B0A0-2956C85FBE51} - System32\Tasks\{337634D6-52D7-4264-B48A-48ABE212D5A8} => C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\Hpqdirec.exe [2003-03-31] (Hewlett-Packard Co.)
Task: {F75DD099-94E5-4D09-B8AE-4FC034963E94} - System32\Tasks\{E9DFF48B-C537-4DC8-A0DA-EEF46074C24B} => pcalua.exe -a C:\ProgramData\Websteroids\uninstall.exe -c /kb=y /ic=2
Task: {FA541C65-48E3-42DF-B3B4-45958D8E2750} - System32\Tasks\{7BBD165E-09EB-40F0-92D9-9CB1B1E8C5C7} => C:\Program Files (x86)\programme tgc\Farm 3\FarmFrenzy3.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) ==============
2011-07-18 04:51 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2015-01-01 18:57 - 2009-04-30 11:23 - 00090112 _____ () C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
2009-07-07 17:39 - 2008-07-29 18:29 - 00200704 _____ () C:\Windows\PLFSetI.exe
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-02-24 17:18 - 2015-02-24 17:18 - 01633792 _____ () c:\Program Files (x86)\SegmentAmplifier\SegmentAmplifier.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00750080 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 14:14 - 2015-03-04 14:14 - 00043008 _____ () c:\users\*****\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1ni2ra.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00047616 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00865280 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00200704 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-03-03 15:13 - 2015-03-03 15:13 - 00560640 _____ () C:\Program Files (x86)\ExsTraCoupon\54rS6hsFGlWIF4.dll
2015-03-03 15:13 - 2015-03-03 15:13 - 00560640 _____ () C:\Program Files (x86)\NeetoCouponn\oC8JcXCUIIEeC0.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:4CF61E54
AlternateDataStreams: C:\ProgramData\TEMP:4D066AD2
AlternateDataStreams: C:\ProgramData\TEMP:705CCD22
AlternateDataStreams: C:\ProgramData\TEMP:85649C7B
AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE
AlternateDataStreams: C:\ProgramData\TEMP:93DE1838
AlternateDataStreams: C:\ProgramData\TEMP:ABE89FFE
AlternateDataStreams: C:\ProgramData\TEMP:CBEB737E
AlternateDataStreams: C:\ProgramData\TEMP:E1F04E8D
AlternateDataStreams: C:\ProgramData\TEMP:F84B8DB5
AlternateDataStreams: C:\Users\*****\Documents\GGrenzen.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\*****\Documents\P1030454.gif:com.dropbox.attributes
AlternateDataStreams: C:\Users\*****\Documents\P5150541.JPG:com.dropbox.attributes
AlternateDataStreams: C:\Users\*****\Documents\P5150542.JPG:com.dropbox.attributes
AlternateDataStreams: C:\Users\*****\Documents\P5150543.JPG:com.dropbox.attributes
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1544005099-1477667473-460764477-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.117.1.25 - 89.16.129.25
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk => C:\Windows\pss\Acer VCM.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hpoddt01.exe.lnk => C:\Windows\pss\hpoddt01.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: cAudioFilterAgent => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
==================== Accounts: =============================
Administrator (S-1-5-21-1544005099-1477667473-460764477-500 - Administrator - Disabled)
Gast (S-1-5-21-1544005099-1477667473-460764477-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1544005099-1477667473-460764477-1007 - Limited - Enabled)
***** (S-1-5-21-1544005099-1477667473-460764477-1003 - Administrator - Enabled) => C:\Users\*****
Unzugriff (S-1-5-21-1544005099-1477667473-460764477-1009 - Limited - Enabled) => C:\Users\Unzugriff
==================== Faulty Device Manager Devices =============
Name: Atheros AR5B93 Wireless Network Adapter
Description: Atheros AR5B93 Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/03/2015 11:03:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17631 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 137c
Startzeit: 01d055fd8a1706b2
Endzeit: 306
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Berichts-ID:
Error: (03/03/2015 05:14:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8783
Error: (03/03/2015 05:14:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8783
Error: (03/03/2015 05:14:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/28/2015 03:22:35 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (02/28/2015 03:22:35 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (02/28/2015 03:07:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17631, Zeitstempel: 0x54b31a70
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000064f9
ID des fehlerhaften Prozesses: 0x898
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Error: (02/27/2015 10:09:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17631, Zeitstempel: 0x54b31a70
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000064f9
ID des fehlerhaften Prozesses: 0x2c8c
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Error: (02/27/2015 08:48:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9765
Error: (02/27/2015 08:48:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9765
System errors:
=============
Error: (03/04/2015 02:21:33 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureCommand" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (03/04/2015 02:21:26 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (03/04/2015 02:12:35 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (03/04/2015 02:11:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "FreemakeVideoCapture" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (03/04/2015 02:11:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (03/04/2015 02:11:45 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.
Error: (03/04/2015 00:26:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "FreemakeVideoCapture" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (03/04/2015 00:25:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (03/04/2015 00:25:54 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.
Error: (03/03/2015 11:05:54 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Microsoft Office Sessions:
=========================
Error: (03/03/2015 11:03:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17631137c01d055fd8a1706b2306C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Error: (03/03/2015 05:14:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8783
Error: (03/03/2015 05:14:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8783
Error: (03/03/2015 05:14:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/28/2015 03:22:35 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
Error: (02/28/2015 03:22:35 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
Error: (02/28/2015 03:07:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1763154b31a70unknown0.0.0.000000000c0000005000064f989801d052d045f4af51C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEunknown90a142f7-beee-11e4-946e-00269e91fd04
Error: (02/27/2015 10:09:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1763154b31a70unknown0.0.0.000000000c0000005000064f92c8c01d052d0059e0426C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEunknownda3d3f3b-bec4-11e4-946e-00269e91fd04
Error: (02/27/2015 08:48:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9765
Error: (02/27/2015 08:48:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9765
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
Percentage of memory in use: 57%
Total physical RAM: 3996.93 MB
Available physical RAM: 1689.14 MB
Total Pagefile: 7992.05 MB
Available Pagefile: 5440.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:285.99 GB) (Free:4.88 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: DA0BBB10)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=286 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
dann auf 
und dann auf 
. 
WARNUNG an die MITLESER: 
