| andyspock | 14.07.2015 17:10 |
Code:
C:\Users\User\AppData\Local\5D515C96_stp\icc.dll Variante von Win32/InstallCore.YX evtl. unerwünschte Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
D:\Programme\Audacity\Audacity - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
D:\Programme\Malewarebytes Anti Maleware\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
D:\Programme\Need For Speed Shift\Demo Need for Speed Shift Falken - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
D:\Programme\Virtual Dub\VirtualDub 64 Bit - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
D:\Programme\VLC Player\VLC media player 64 Bit - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
D:\Programme\x264 codec\x264 Video Codec - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
D:\Programme\xVid Codec\Koepi s XviD - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
D:\User\Downloads\32bit_Win7_Win8_Win81_R275 - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
Code:
Results of screen317's Security Check version 1.004
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
McAfee Anti-Virus und Anti-Spyware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 18.0.0.203
Mozilla Firefox (39.0)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbam.exe
Malewarebytes Anti Maleware Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by User (administrator) on 3A-INTEL on 14-07-2015 18:04:58
Running from C:\Users\Andreas\Desktop
Loaded Profiles: User & Andreas (Available Profiles: User & Andreas)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) D:\Programme\Malewarebytes Anti Maleware\Malwarebytes Anti-Malware\mbamscheduler.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\Cyberlink\Shared files\RichVideo64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(The Eraser Project) D:\Programme\Eraser\Eraser.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
(Malwarebytes Corporation) D:\Programme\Malewarebytes Anti Maleware\Malwarebytes Anti-Malware\mbam.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_203.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_203.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Eraser] => D:\Programme\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [719272 2015-04-02] (McAfee, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => d:\Programme\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKU\S-1-5-21-352499855-2342664261-942187551-1000\...\Run: [Xvid] => D:\Programme\xVid Codec\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-352499855-2342664261-942187551-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [7246904 2015-07-13] (GOG.com)
HKU\S-1-5-21-352499855-2342664261-942187551-1001\...\Run: [Xvid] => D:\Programme\xVid Codec\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-352499855-2342664261-942187551-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-352499855-2342664261-942187551-1001\...\RunOnce: [Uninstall C:\Users\Andreas\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Andreas\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64"
HKU\S-1-5-21-352499855-2342664261-942187551-1001\...\MountPoints2: {2c09d8f3-5b8e-11e4-a956-806e6f6e6963} - E:\Bin\ASSETUP.exe
HKU\S-1-5-21-352499855-2342664261-942187551-1001\...\MountPoints2: {b778d220-5de5-11e4-a3da-7824af347422} - H:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-352499855-2342664261-942187551-1001\...\MountPoints2: {b778d237-5de5-11e4-a3da-7824af347422} - H:\setup_vmc_lite.exe /checkApplicationPresence
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-12-11]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-352499855-2342664261-942187551-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-352499855-2342664261-942187551-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-352499855-2342664261-942187551-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-352499855-2342664261-942187551-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-352499855-2342664261-942187551-1001 -> {33A64562-C889-41EE-A53A-0D504D11A000} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE649D20141111&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-05-28] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> D:\Programme\ARC\Arc\plugins\ArcPluginIE.dll [2015-06-11] (Perfect World Entertainment Inc)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-05-28] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-07-03] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-07-03] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-07-03] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-07-03] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-04-07] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-04-07] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{7B675A2E-4E67-4BD1-8AA6-DB7B5801AF50}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{91E4FF79-C6F2-4549-B8FC-64B2BBAAB7EB}: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\eyzq5n0p.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-11] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-04-07] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-04-07] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> D:\Programme\ARC\Arc\plugins\npArcPluginFF.dll [2015-06-11] (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-07-13]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-11-11]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-11-11]
FF HKU\S-1-5-21-352499855-2342664261-942187551-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKU\S-1-5-21-352499855-2342664261-942187551-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-07-07]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-07-07]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ArcService; D:\Programme\ARC\Arc\ArcService.exe [88400 2015-06-11] (Perfect World Entertainment Inc)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2739888 2015-05-19] (Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1718840 2015-07-13] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6677048 2015-07-03] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMScheduler; D:\Programme\Malewarebytes Anti Maleware\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; D:\Programme\Malewarebytes Anti Maleware\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-07-03] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [753768 2015-04-07] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.5.450.0\McCSPServiceHost.exe [207344 2015-04-08] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [612688 2015-04-09] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-02-17] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [372144 2015-04-06] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [250672 2015-02-17] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
S3 Origin Client Service; D:\Programme\Origin\OriginClientService.exe [2004488 2015-07-03] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-07] ()
R2 RichVideo64; C:\Program Files\Cyberlink\Shared files\RichVideo64.exe [390672 2012-09-04] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [68784 2015-02-17] (McAfee, Inc.)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [401736 2015-02-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [337888 2015-02-17] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-02-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [488000 2015-02-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [864072 2015-02-17] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [482600 2015-01-16] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [100720 2015-01-16] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340448 2015-02-17] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-10-25] (Realtek Semiconductor Corporation )
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-14 18:02 - 2015-07-14 18:02 - 00000817 _____ C:\Users\Andreas\Desktop\checkup.txt
2015-07-14 17:59 - 2015-07-14 17:59 - 00852662 _____ C:\Users\Andreas\Desktop\SecurityCheck.exe
2015-07-14 17:49 - 2015-07-14 17:49 - 00003290 _____ C:\Users\Andreas\Desktop\ESET.txt
2015-07-14 16:09 - 2015-07-14 16:10 - 02870984 _____ (ESET) C:\Users\Andreas\Desktop\esetsmartinstaller_deu.exe
2015-07-13 18:39 - 2015-07-14 18:04 - 00023927 _____ C:\Users\Andreas\Desktop\FRST.txt
2015-07-13 18:39 - 2015-07-13 18:39 - 00042413 _____ C:\Users\Andreas\Desktop\Addition.txt
2015-07-13 18:38 - 2015-07-13 18:38 - 02133504 _____ (Farbar) C:\Users\Andreas\Desktop\FRST64.exe
2015-07-13 18:35 - 2015-07-13 18:35 - 00000604 _____ C:\Users\Andreas\Desktop\JRT.txt
2015-07-13 18:31 - 2015-07-13 18:31 - 00000207 _____ C:\Windows\tweaking.com-regbackup-3A-INTEL-Windows-7-Home-Premium-(64-bit).dat
2015-07-13 18:31 - 2015-07-13 18:31 - 00000000 ____D C:\RegBackup
2015-07-13 18:26 - 2015-07-13 18:26 - 03034492 _____ (Malwarebytes Corporation) C:\Users\Andreas\Desktop\JRT.exe
2015-07-13 14:47 - 2015-07-13 14:47 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-13 14:47 - 2015-07-13 14:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-07-13 14:00 - 2015-07-13 13:56 - 00001218 _____ C:\Users\Andreas\Desktop\AdwCleaner[S0].txt
2015-07-13 14:00 - 2015-07-13 13:53 - 00001205 _____ C:\Users\Andreas\Desktop\AdwCleaner[R0].txt
2015-07-13 13:55 - 2015-07-13 13:55 - 00001205 _____ C:\Users\User\Desktop\AdwCleaner[R0].txt
2015-07-13 13:53 - 2015-07-13 13:56 - 00000000 ____D C:\AdwCleaner
2015-07-13 13:51 - 2015-07-13 13:51 - 02248704 _____ C:\Users\Andreas\Desktop\AdwCleaner_4.208.exe
2015-07-13 13:50 - 2015-07-13 13:50 - 00001211 _____ C:\Users\Andreas\Desktop\mbam.txt
2015-07-12 19:55 - 2015-07-12 19:55 - 00034992 _____ C:\Users\User\Desktop\Combofix.txt
2015-07-12 19:53 - 2015-07-12 19:53 - 00034992 _____ C:\ComboFix.txt
2015-07-12 19:47 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-12 19:47 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-12 19:47 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-12 19:47 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-12 19:47 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-12 19:47 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-12 19:47 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-12 19:47 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-12 19:45 - 2015-07-12 19:45 - 00001160 _____ C:\Users\Andreas\Desktop\ComboFix - Verknüpfung.lnk
2015-07-12 19:17 - 2015-07-12 19:53 - 00000000 ____D C:\Qoobox
2015-07-12 19:17 - 2015-07-12 19:52 - 00000000 ____D C:\Windows\erdnt
2015-07-12 19:16 - 2015-07-12 19:16 - 05632449 ____R (Swearware) C:\Users\Andreas\Downloads\ComboFix.exe
2015-07-12 19:15 - 2015-07-12 19:15 - 00000000 ____D C:\Users\Andreas\Desktop\Witcher 3 Endscreen
2015-07-12 19:14 - 2015-07-12 19:14 - 00000000 ____D C:\Users\Andreas\Desktop\Forest_Endscreen
2015-07-11 22:42 - 2015-07-11 22:42 - 00004605 _____ C:\Users\Andreas\AppData\Local\recently-used.xbel
2015-07-11 22:24 - 2015-07-11 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-11 22:24 - 2015-07-11 22:24 - 00000000 ____D C:\ProgramData\Apple Computer
2015-07-11 22:23 - 2015-07-14 17:15 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-11 22:23 - 2015-07-11 22:23 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-11 22:22 - 2015-07-11 22:22 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2015-07-11 22:20 - 2015-07-11 22:20 - 13835424 _____ (Adobe Systems Inc.) C:\Users\Andreas\Downloads\Shockwave_Installer_Full.exe
2015-07-11 21:48 - 2015-05-19 05:29 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-11 21:48 - 2015-05-19 05:14 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-11 19:53 - 2015-07-11 19:53 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-07-11 19:53 - 2015-07-11 19:53 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-07-11 19:53 - 2015-07-11 19:53 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-11 17:21 - 2015-07-11 17:21 - 00000000 _____ C:\Users\Andreas\Downloads\ComboFix(1).exe
2015-07-11 17:13 - 2015-07-11 17:13 - 00003554 _____ C:\Windows\System32\Tasks\HP AR Program Upload - 1224dc8b701741078143def3c9d8722304b4e50b3b6a4e2e994bb7292676baae
2015-07-11 12:28 - 2015-07-13 23:06 - 00104001 _____ C:\Users\Andreas\Desktop\STO.pds
2015-07-09 21:43 - 2015-07-09 21:43 - 00000000 ____D C:\Users\Andreas\AppData\Local\Microsoft Games
2015-07-09 20:55 - 2015-07-14 18:05 - 00000000 ____D C:\FRST
2015-07-08 11:10 - 2015-07-08 11:10 - 00000000 ____D C:\Windows\Hewlett-Packard
2015-07-08 11:03 - 2015-07-08 11:03 - 00002236 _____ C:\Users\Public\Desktop\HP Officejet 2620 series.lnk
2015-07-08 11:03 - 2015-07-08 11:03 - 00001173 _____ C:\Users\Public\Desktop\Shop für Zubehör - HP Officejet 2620 series.lnk
2015-07-08 10:58 - 2015-07-09 14:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-07 23:02 - 2015-07-07 23:02 - 00000000 ____D C:\Users\Andreas\Tracing
2015-07-05 22:12 - 2015-07-11 22:42 - 00000000 ____D C:\Users\Andreas\AppData\Local\gtk-2.0
2015-07-05 22:11 - 2015-07-05 22:11 - 00000000 ____D C:\Users\Andreas\.thumbnails
2015-07-05 22:09 - 2015-07-11 22:42 - 00000000 ____D C:\Users\Andreas\.gimp-2.8
2015-07-05 22:09 - 2015-07-05 22:09 - 00000894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-07-05 22:09 - 2015-07-05 22:09 - 00000000 ____D C:\Users\Andreas\AppData\Local\gegl-0.2
2015-07-05 22:08 - 2015-07-05 22:09 - 00000000 ____D C:\Program Files\GIMP 2
2015-06-29 16:52 - 2015-07-03 23:46 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-06-28 19:22 - 2015-06-28 19:22 - 00000000 ____D C:\Users\Andreas\AppData\Local\4kdownload.com
2015-06-28 19:19 - 2015-06-28 19:19 - 00000789 _____ C:\Users\User\Desktop\4K Video Downloader.lnk
2015-06-28 19:19 - 2015-06-28 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2015-06-21 09:51 - 2015-06-21 09:51 - 00000000 ____D C:\found.000
2015-06-17 00:23 - 2015-06-17 00:23 - 00094208 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTimeVR.qtx
2015-06-17 00:23 - 2015-06-17 00:23 - 00069632 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTime.qts
2015-06-15 20:56 - 2015-07-12 19:20 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-06-15 20:56 - 2015-07-12 19:19 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-06-15 20:56 - 2015-06-15 20:56 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-14 17:50 - 2015-06-02 12:45 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-14 17:47 - 2015-04-25 23:48 - 00000000 ____D C:\Users\User\AppData\Local\5D515C96_stp
2015-07-14 17:46 - 2014-10-24 17:33 - 01311155 _____ C:\Windows\WindowsUpdate.log
2015-07-14 16:25 - 2011-04-12 09:43 - 00700454 _____ C:\Windows\system32\perfh007.dat
2015-07-14 16:25 - 2011-04-12 09:43 - 00150092 _____ C:\Windows\system32\perfc007.dat
2015-07-14 16:25 - 2009-07-14 07:13 - 01624034 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-14 16:24 - 2015-06-02 12:45 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-14 15:57 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-14 15:57 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-14 15:49 - 2015-03-28 23:34 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-14 15:49 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-14 15:49 - 2009-07-14 06:51 - 00147614 _____ C:\Windows\setupact.log
2015-07-13 14:47 - 2015-02-23 16:51 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2015-07-13 14:47 - 2015-02-23 16:51 - 00000000 ____D C:\ProgramData\Skype
2015-07-13 13:44 - 2014-10-26 12:39 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-12 20:10 - 2010-11-21 05:47 - 00246994 _____ C:\Windows\PFRO.log
2015-07-12 19:51 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-11 22:46 - 2015-01-25 13:20 - 00007599 _____ C:\Users\User\AppData\Local\Resmon.ResmonCfg
2015-07-11 22:31 - 2014-10-25 20:25 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Adobe
2015-07-11 22:30 - 2014-10-31 17:04 - 00000000 ____D C:\Users\Andreas\AppData\Local\Adobe
2015-07-11 22:23 - 2014-10-25 21:13 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-11 22:23 - 2014-10-25 21:13 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-11 22:22 - 2014-10-25 16:03 - 00001066 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-07-11 21:49 - 2014-10-25 09:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-11 19:54 - 2014-10-25 10:35 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2015-07-11 19:53 - 2014-12-23 16:42 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-11 19:52 - 2014-10-25 10:36 - 00000000 ____D C:\ProgramData\Adobe
2015-07-11 17:11 - 2015-01-19 16:33 - 00000000 ____D C:\Users\Andreas\AppData\Local\HP
2015-07-11 12:24 - 2015-02-23 16:51 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Skype
2015-07-11 10:40 - 2014-12-19 23:24 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Audacity
2015-07-11 09:26 - 2014-10-24 17:47 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-09 14:36 - 2014-10-24 19:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-08 11:10 - 2014-10-31 17:02 - 00000000 ____D C:\Users\User\AppData\Roaming\HpUpdate
2015-07-08 11:10 - 2014-10-31 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-07-08 11:03 - 2014-10-31 17:02 - 00000000 ____D C:\ProgramData\HP
2015-07-08 11:03 - 2014-10-31 17:02 - 00000000 ____D C:\Program Files\HP
2015-07-08 11:03 - 2014-10-31 17:02 - 00000000 ____D C:\Program Files (x86)\HP
2015-07-08 10:58 - 2015-04-18 13:29 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-07-07 23:02 - 2014-10-25 20:25 - 00000000 ____D C:\Users\Andreas
2015-07-07 19:52 - 2014-11-11 19:22 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-07-06 21:45 - 2015-04-29 22:25 - 00000000 ____D C:\Program Files\OBS
2015-07-06 21:45 - 2015-04-29 22:25 - 00000000 ____D C:\Program Files (x86)\OBS
2015-07-06 13:54 - 2015-05-24 14:47 - 00000000 ____D C:\Program Files (x86)\GalaxyClient
2015-07-05 15:29 - 2014-12-31 11:45 - 00000000 ____D C:\ProgramData\Origin
2015-07-05 11:08 - 2015-03-01 22:39 - 00000000 ____D C:\Users\Andreas\AppData\Local\Windows Live
2015-07-03 16:44 - 2015-05-24 14:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-06-29 16:52 - 2015-05-04 20:03 - 00001086 _____ C:\Users\User\Desktop\MSI Afterburner.lnk
2015-06-28 19:16 - 2014-10-24 17:51 - 00077504 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-25 15:56 - 2014-10-25 11:07 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-06-24 13:36 - 2014-10-25 09:56 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-06-24 13:36 - 2014-10-25 09:56 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-06-24 13:36 - 2014-10-25 09:56 - 01320120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-06-24 13:36 - 2014-10-25 09:56 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-06-23 18:58 - 2015-03-07 15:41 - 00000000 ____D C:\Users\User\AppData\Roaming\DVDVideoSoft
2015-06-23 18:45 - 2015-03-08 15:12 - 00009702 _____ C:\Users\Andreas\FreeYTVDownloader.xml
2015-06-23 18:44 - 2015-03-08 13:34 - 00000241 _____ C:\Users\Andreas\updhelper.xml
2015-06-23 13:30 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-22 07:46 - 2009-07-14 06:45 - 00344944 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-21 16:05 - 2014-10-25 20:25 - 00077504 _____ C:\Users\Andreas\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-20 17:20 - 2014-12-31 11:48 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Origin
2015-06-19 23:34 - 2014-12-30 01:33 - 00000000 ____D C:\Users\Andreas\AppData\Local\Eraser 6
2015-06-18 08:41 - 2014-10-26 12:39 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-18 08:41 - 2014-10-26 12:39 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-18 08:41 - 2014-10-26 12:39 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
==================== Files in the root of some directories =======
2015-05-01 16:20 - 2015-05-01 16:20 - 0200115 _____ () C:\Users\User\AppData\Local\2B763BC1_stp.CIS
2015-05-01 16:20 - 2015-05-01 16:20 - 0000290 _____ () C:\Users\User\AppData\Local\2B763BC1_stp.CIS.part
2015-04-25 23:48 - 2015-04-25 23:48 - 0385602 _____ () C:\Users\User\AppData\Local\5D515C96_stp.CIS
2015-04-25 23:48 - 2015-05-01 15:47 - 0000220 _____ () C:\Users\User\AppData\Local\5D515C96_stp.CIS.part
2015-05-01 16:20 - 2015-05-01 16:20 - 17674240 _____ () C:\Users\User\AppData\Local\62107B2F_stp.CIS
2015-05-01 16:20 - 2015-05-01 16:20 - 0000500 _____ () C:\Users\User\AppData\Local\62107B2F_stp.CIS.part
2015-01-25 13:20 - 2015-07-11 22:46 - 0007599 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
2015-04-18 13:34 - 2015-04-18 13:34 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-10-24 17:48 - 2014-10-24 17:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-13 14:26
==================== End of log ============================
--- --- ---
[CODE]Additional
FRST Logfile: Code:
scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by User at 2015-07-14 18:05:16
Running from C:\Users\Andreas\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-352499855-2342664261-942187551-500 - Administrator - Disabled)
Andreas (S-1-5-21-352499855-2342664261-942187551-1001 - Limited - Enabled) => C:\Users\Andreas
Gast (S-1-5-21-352499855-2342664261-942187551-501 - Limited - Disabled)
User (S-1-5-21-352499855-2342664261-942187551-1000 - Administrator - Enabled) => C:\Users\User
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
(HKLM\...\UDK-76e68951-ae4c-40cc-9c85-9812bfda137d) (Version: - RuneStorm
4K Video Downloader 3.6 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.6.0.1760 - Open Media LLC)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version: - Hyper Hippo Games)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.13.0 - Asmedia Technology)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Bing Bar (HKLM-x32\...\{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}) (Version: 7.1.361.0 - Microsoft Corporation)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
CyberLink PowerDirector 11 (HKLM-x32\...\InstallShield_{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: 11.0.0.3625 - CyberLink Corp.)
CyberLink PowerDirector 11 (Version: 11.0.0.3625 - Ihr Firmenname) Hidden
CyberLink WaveEditor 2 (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.0.3206 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.8.61.1020 - Electronic Arts Inc.)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HP Officejet 2620 series - Grundlegende Software für das Gerät (HKLM\...\{7B732633-C9ED-44DF-98E7-BBBE3D9220C9}) (Version: 31.0.1176.42778 - Hewlett-Packard Co.)
HP Officejet 2620 series Hilfe (HKLM-x32\...\{B356F70C-F1AD-4B24-B2DD-6EAABFCB1B33}) (Version: 31.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 14.0.1029 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.354 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4727.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-352499855-2342664261-942187551-1001\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-352499855-2342664261-942187551-1000\...\SkyDriveSetup.exe) (Version: 16.4.6012.0828 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
Need for Speed™ SHIFT Demo (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E5}) (Version: 1.0.0.0 - Electronic Arts)
Need For Speed™ World (HKLM-x32\...\{3AF1B16A-7DC9-4C80-BAEC-70B088A7C5B8}) (Version: 1.0.0.0 - Electronic Arts)
Newblue Art Effects for PowerDirector (HKLM\...\NewBlue Art Effects for PowerDirector) (Version: 2.0 - NewBlue)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Grafiktreiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.)
PowerDirector (Version: 11.0 - Ihr Firmenname) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.75.827.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie zur Verbesserung von HP Deskjet 2050 J510 series Produkten (HKLM\...\{C559DE9F-9451-49E5-9176-316E36192409}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Syndicate (HKLM-x32\...\{64CFBAAB-46F7-4628-8D9B-E656A8C11CDB}) (Version: 2.0.0.3 - Electronic Arts)
The Forest (HKLM-x32\...\Steam App 242760) (Version: - Endnight Games Ltd)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version: - Galactic Cafe)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.6.0 - GOG.com)
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts)
Total War Battles: KINGDOM (HKLM-x32\...\Steam App 300080) (Version: - Creative Assembly)
Total War: ATTILA (HKLM-x32\...\Steam App 325610) (Version: - Creative Assembly)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version: - The Creative Assembly)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Viscera Cleanup Detail: alpha v0.25
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-352499855-2342664261-942187551-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-352499855-2342664261-942187551-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-352499855-2342664261-942187551-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-352499855-2342664261-942187551-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-352499855-2342664261-942187551-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-352499855-2342664261-942187551-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-352499855-2342664261-942187551-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-352499855-2342664261-942187551-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-352499855-2342664261-942187551-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
11-07-2015 09:25:51 Installiert PowerDirector
11-07-2015 22:21:50 McAfee Vulnerability Scanner
13-07-2015 14:47:02 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2015-07-12 19:51 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {18B2A9FE-20AC-43A2-B341-361F532A16B4} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {1A8BEB30-EF7B-4339-807D-BB3CDF17F667} - System32\Tasks\hpUtility.exe_{FA0721DD-0F80-4A9B-9136-39EB9866F701} => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\utils\hpUtility.exe
Task: {3777A1A5-E3D3-4194-AE93-1295705A405B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {5DDC703E-EFF4-4AED-84F0-B6ED5CF59E99} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {71D8BFE8-E528-453B-A4F0-CB1DE80E2F5B} - System32\Tasks\HP AR Program Upload - 1224dc8b701741078143def3c9d8722304b4e50b3b6a4e2e994bb7292676baae => C:\Program Files\HP\HP Officejet 2620 series\bin\HPRewards.exe [2013-05-09] (TODO: <Company name>)
Task: {7804810A-50ED-4D9C-B448-4AF5F3BE1ADD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-11] (Adobe Systems Incorporated)
Task: {7C738C78-F092-4E42-A393-F7DB97552EA3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-02] (Google Inc.)
Task: {A8EEB34F-59D0-417B-8D40-EB4EA99DA7BF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-02] (Google Inc.)
Task: {BD081F95-903B-4122-B5AF-CBA26C9A96D8} - System32\Tasks\HpWebReg.exe => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HpWebReg.exe
Task: {D7C5CB2C-7C17-4E18-83C5-7D5E57498B28} - System32\Tasks\PhotoProduct.exe => C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe
Task: {EA44C19B-32B8-43E7-B135-4BCE139E2B77} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {EF3B3EBE-B32B-483C-AB20-358CD2B9F1E3} - System32\Tasks\HP Deskjet 2050 J510 series.exe => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HP Deskjet 2050 J510 series.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-03-28 23:34 - 2015-05-12 05:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-24 17:45 - 2013-05-07 09:45 - 00936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2014-10-25 15:53 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-02-07 18:41 - 2015-02-07 18:41 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-01-29 16:01 - 2012-09-04 15:05 - 00390672 _____ () C:\Program Files\Cyberlink\Shared files\RichVideo64.exe
2014-10-24 17:45 - 2015-07-14 15:49 - 00028160 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-10-24 17:45 - 2013-05-07 09:45 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-03-31 15:52 - 2015-06-24 13:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-10-24 17:50 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-07-11 19:49 - 2015-07-11 19:49 - 17418416 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-352499855-2342664261-942187551-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-352499855-2342664261-942187551-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{9C815D1D-014C-4536-A79D-82A331192207}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3DF6DA43-36B8-44D9-B165-895DA49EECCB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{425B315F-F4EB-472C-9A01-6E297C1D95A3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F63B8706-F1FB-4C31-A440-D381418DE750}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D1F431C9-D5E1-4488-BF2A-4D7E2AFF7079}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{955141FC-A5B5-4E85-A534-D6A723FBD0C5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1D689A31-7E71-4952-8BB2-33222244C827}] => (Allow) C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{3621BAF4-BA40-4FF8-B903-641CE4DA3847}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{2391E2EE-195B-470E-B579-21E952CC65B0}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{F4077132-9476-4C89-AC0F-04A1D56FE76B}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{B0B8A65E-7B56-4C23-94D9-28747E3C5302}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{CCF00B5D-8BE5-4D25-A5BF-2461E5EACBE0}] => (Allow) D:\Programme\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{B70DD3B4-9DB4-49A3-9B33-7FC4F50E3D01}] => (Allow) D:\Programme\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{82485B99-19FA-4A78-BC35-FA881045EE12}] => (Allow) D:\Programme\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{ECCB6F3C-B238-4493-B3CA-C4B6D63A29B0}] => (Allow) D:\Programme\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [TCP Query User{0BC9F4C1-F64A-4C46-B8B2-6A2433D84AA4}D:\programme\arc\star trek online_de\star trek online\live\gameclient.exe] => (Allow) D:\programme\arc\star trek online_de\star trek online\live\gameclient.exe
FirewallRules: [UDP Query User{E6553979-EFE5-451C-B2D9-1087DF4980F9}D:\programme\arc\star trek online_de\star trek online\live\gameclient.exe] => (Allow) D:\programme\arc\star trek online_de\star trek online\live\gameclient.exe
FirewallRules: [TCP Query User{9BA692C5-5CA4-4454-9F79-A6B60F123102}D:\programme\vlc player\vlc\vlc.exe] => (Block) D:\programme\vlc player\vlc\vlc.exe
FirewallRules: [UDP Query User{488FCC61-A231-4CE2-9AE6-2F52221411DD}D:\programme\vlc player\vlc\vlc.exe] => (Block) D:\programme\vlc player\vlc\vlc.exe
FirewallRules: [{E03FE6F8-3576-4FDF-887F-8CF8B6F19C21}] => (Allow) d:\Programme\PowerDirektor\PowerDirector11\PDR10.EXE
FirewallRules: [{E41FDF42-6B08-47E1-A644-D421A8BFB7E4}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{E1A1DD09-6B3D-44ED-BB7C-6F6B402ED477}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{5AF8257D-A083-4751-9166-2E77F4C252F7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{141F6F34-BED2-46B4-9B77-E05E9F9B6A33}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7B0B0048-461D-47C4-9C96-563AD5CC6713}] => (Allow) D:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{45E02A29-F784-4D65-97A6-21DB5479E88F}] => (Allow) D:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{6F196F83-B80D-4B8D-B8AE-BF1A9F5E5F1E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{47EFF2DA-9CD0-4733-BA4C-72BE7C04B489}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1D072144-E3F1-42F9-910B-3A5E26CA18A2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4BDC6AE1-B1A1-483C-9871-DEDE0EAA7A46}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{96C816D3-3A46-435F-B181-95047500FB8E}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed World\GameLauncher.exe
FirewallRules: [{FE686A57-1A67-448E-B8F2-A20F3651C617}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed World\GameLauncher.exe
FirewallRules: [{B77DE724-2143-4840-BACC-B86075676C53}] => (Allow) D:\Programme\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{0F2306AF-98CB-4CBB-AC0B-974392052A31}] => (Allow) D:\Programme\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{BEC0F9D4-AE3C-4B20-A1B6-54E092C3FA4F}] => (Allow) D:\Programme\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{9779F962-D578-465F-ABBF-E66F3EBD1C3E}] => (Allow) D:\Programme\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{A5770237-1C3F-415E-9A05-111B24A1120D}] => (Allow) D:\Programme\Steam\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{7E4FE4D4-80C8-45EE-A24C-106B421693A3}] => (Allow) D:\Programme\Steam\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{89175BC8-ACDB-478E-A157-2772375D6B00}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2572AA3A-CC45-47EC-A019-3902809F7584}] => (Allow) LPort=2869
FirewallRules: [{BB444681-4663-4677-85A6-94022EBD0FCF}] => (Allow) LPort=1900
FirewallRules: [{2C8B1F77-05AE-4FB8-BC89-01FC4144829D}] => (Allow) D:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{7371328C-995D-4B1B-AC37-91019436136D}] => (Allow) D:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{19D9F2E3-C0B2-42FF-97AC-BC68E5746FBE}] => (Allow) D:\Program Files (x86)\Origin Games\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{5280B54B-982B-4059-B27C-20B1FC1B312C}] => (Allow) D:\Program Files (x86)\Origin Games\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{3C813E46-B732-4E53-8DAA-23E113A4A773}] => (Allow) D:\Programme\Steam\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{0DD51EDD-2AF2-4B70-AF1B-2D0250C41820}] => (Allow) D:\Programme\Steam\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{D318629D-FF1F-4640-916E-0F0B466CE2A9}] => (Allow) D:\Programme\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{952FBC5B-91C9-4549-A66D-B8E43F5E6E39}] => (Allow) D:\Programme\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{B058AFC6-4582-4808-B7AC-70C5A7193DCB}] => (Allow) D:\Programme\Steam\SteamApps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe
FirewallRules: [{C9603AF8-62A3-4F79-993C-E984BF1B8C14}] => (Allow) D:\Programme\Steam\SteamApps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe
FirewallRules: [{5F4CF382-7EFA-47A9-B036-4B327A289AE0}] => (Allow) D:\Programme\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{02DD9DB6-0AF5-4E92-A5D2-A668100F89C4}] => (Allow) D:\Programme\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{E7547D42-3715-4160-9805-FE25540D82F2}] => (Allow) D:\Programme\Steam\SteamApps\common\Total War Battles KINGDOM\TWB_Kingdom.exe
FirewallRules: [{8CFF3E72-0318-481A-BE81-EA4834C10179}] => (Allow) D:\Programme\Steam\SteamApps\common\Total War Battles KINGDOM\TWB_Kingdom.exe
FirewallRules: [{5FE7DC80-8975-4BAD-871F-AA217E3B51BD}] => (Allow) D:\Programme\Steam\SteamApps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{2415EB5E-0DE4-4CD7-8B93-ECE19F8B44F5}] => (Allow) D:\Programme\Steam\SteamApps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{A4D31F5E-C416-4062-A008-0063F374DAF2}] => (Allow) d:\Program Files (x86)\PowerDirector11\PDR10.EXE
FirewallRules: [{A4269CBE-B472-44B6-8328-026B5D5CEDAB}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{DEF05BE7-6980-4581-AA42-0EDEE1C6F9F7}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{938BDFA0-CE67-49D9-A834-348D85E0FA82}] => (Allow) D:\Programme\Steam\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{A63FE04E-8A36-46CA-BFB3-ED3D87E5667B}] => (Allow) D:\Programme\Steam\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{EB6B6B86-4416-4EE6-BC8F-1A7E76A3ACCF}] => (Allow) D:\Programme\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{4A1BF673-8FA9-49EC-B25F-CF656D130376}] => (Allow) D:\Programme\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{3A547BAF-8B4E-4007-A06A-B002624141B7}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\FaxApplications.exe
FirewallRules: [{D460556D-C2EF-4429-86F8-085E474002C4}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\DigitalWizards.exe
FirewallRules: [{4FE3E568-B2A3-4DB6-9F28-AAB814EA1F3F}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\SendAFax.exe
FirewallRules: [{4E8CD105-DE35-46B3-BEDE-D3B9B0ADFA66}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\Bin\USBSetup.exe
FirewallRules: [{D0574F1E-DF8A-4566-B266-564490617EB6}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{A85648AD-F411-4C81-B3CB-3697F5ECE664}] => (Allow) D:\Program Files (x86)\PowerDirector11\PDR10.EXE
FirewallRules: [{9FF28D8A-009F-4ACC-B8DE-3E4B833DA290}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/14/2015 04:57:29 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (07/14/2015 04:57:27 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (07/14/2015 04:57:27 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (07/14/2015 04:25:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (07/14/2015 04:25:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (07/14/2015 04:25:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (07/14/2015 04:24:10 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (07/14/2015 04:24:10 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (07/14/2015 04:10:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (07/14/2015 04:10:31 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
System errors:
=============
Error: (07/14/2015 05:54:45 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C}
Error: (07/14/2015 05:48:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (07/14/2015 05:48:17 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (07/14/2015 05:48:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (07/14/2015 05:48:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (07/14/2015 05:48:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (07/14/2015 05:48:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (07/14/2015 05:48:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (07/14/2015 05:48:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (07/14/2015 05:48:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Microsoft Office:
=========================
Error: (07/14/2015 04:57:29 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Andreas\Desktop\esetsmartinstaller_deu.exe
Error: (07/14/2015 04:57:27 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Andreas\Desktop\esetsmartinstaller_deu.exe
Error: (07/14/2015 04:57:27 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Andreas\Desktop\esetsmartinstaller_deu.exe
Error: (07/14/2015 04:25:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Andreas\Desktop\esetsmartinstaller_deu.exe
Error: (07/14/2015 04:25:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Andreas\Desktop\esetsmartinstaller_deu.exe
Error: (07/14/2015 04:25:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Andreas\Desktop\esetsmartinstaller_deu.exe
Error: (07/14/2015 04:24:10 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Andreas\Desktop\esetsmartinstaller_deu.exe
Error: (07/14/2015 04:24:10 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Andreas\Desktop\esetsmartinstaller_deu.exe
Error: (07/14/2015 04:10:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Andreas\Desktop\esetsmartinstaller_deu.exe
Error: (07/14/2015 04:10:31 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Andreas\Downloads\esetsmartinstaller_deu.exe
CodeIntegrity Errors:
===================================
Date: 2015-07-12 19:51:20.637
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-07-12 19:51:20.622
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 31%
Total physical RAM: 16319.38 MB
Available physical RAM: 11154.45 MB
Total Virtual: 32636.96 MB
Available Virtual: 27370.68 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:14.27 GB) NTFS
Drive d: (Daten) (Fixed) (Total:1863.01 GB) (Free:851.02 GB) NTFS
Drive g: (Elements) (Fixed) (Total:931.48 GB) (Free:563.76 GB) NTFS
Drive h: (USB DISK) (Fixed) (Total:3.73 GB) (Free:2.29 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 5940CEDB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 5940CECE)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 7FE67A41)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: E43B0C38)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0C)
==================== End of log ============================
--- --- ---
Und danke, keine Probleme :) |
So funktioniert es:
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
