imker666 | 23.09.2015 12:43 | So, here are the results from FRST. Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
durchgeführt von test (Administrator) auf TEST-PC (23-09-2015 13:38:35)
Gestartet von C:\Users\test\Desktop
Geladene Profile: test (Verfügbare Profile: test & Familie & 123)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieCtrl.exe
() C:\Users\test\AppData\Local\Amazon Music\Amazon Music Helper.exe
() C:\Program Files (x86)\ubuntuone\dist\ubuntuone-syncdaemon.exe
() C:\Program Files (x86)\ubuntuone\dist\ubuntuone-control-panel-qt.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\ubuntuone\dist\ubuntuone-syncdaemon.exe
() C:\Program Files (x86)\ubuntuone\dist\ubuntu-sso-login.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Alexander Roshal) C:\Program Files (x86)\WinRAR\WinRAR.exe
(Farbar) C:\Users\test\Desktop\FRST64(1).exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-09-23] (AVAST Software)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-01-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [708496 2015-04-20] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-1563124234-3292735695-2560974385-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [666384 2012-02-06] (SANDBOXIE L.T.D)
HKU\S-1-5-21-1563124234-3292735695-2560974385-1000\...\Run: [Amazon Music] => C:\Users\test\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-11-19] ()
HKU\S-1-5-21-1563124234-3292735695-2560974385-1000\...\Run: [Ubuntu One] => C:\Program Files (x86)\ubuntuone\dist\ubuntuone-syncdaemon.exe [137864 2013-02-22] ()
HKU\S-1-5-21-1563124234-3292735695-2560974385-1000\...\Run: [Ubuntu One Icon] => C:\Program Files (x86)\ubuntuone\dist\ubuntuone-control-panel-qt.exe [130184 2013-02-22] ()
HKU\S-1-5-21-1563124234-3292735695-2560974385-1000\...\Run: [Dropbox Update] => C:\Users\test\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
HKU\S-1-5-21-1563124234-3292735695-2560974385-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-07-13] (TomTom)
HKU\S-1-5-21-1563124234-3292735695-2560974385-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1563124234-3292735695-2560974385-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-23] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2012-03-20]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicyUsers\S-1-5-21-1563124234-3292735695-2560974385-1004\User: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{464902CC-7920-4FCC-BAAD-6EC0939241E4}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-1563124234-3292735695-2560974385-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1563124234-3292735695-2560974385-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-23] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-29] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-23] (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-29] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei
DPF: HKLM-x32 {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://navigram.com/engine/v1111/Navigram.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-04-08] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\kqzol7da.default-1377672159387
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-09-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-09-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-05-20] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-05-20] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1563124234-3292735695-2560974385-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-12-15] ()
FF Extension: Mein Grundeinkommen - CrowdBar - C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\kqzol7da.default-1377672159387\Extensions\jid1-XGbYhwCViPEOUQ@jetpack.xpi [2014-11-11]
FF Extension: Adblock Plus - C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\kqzol7da.default-1377672159387\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-28]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-09-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-19]
FF HKU\S-1-5-21-1563124234-3292735695-2560974385-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.65\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.65\pdf.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.65\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Profile: C:\Users\test\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (avast! Online Security) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-30]
CHR Extension: (Google Wallet) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-22]
CHR HKLM-x32\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\test\AppData\Local\Temp\tbch.crx <nicht gefunden>
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-23] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-09-23] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4048280 2015-09-23] (Avast Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-25] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [97552 2012-02-06] (SANDBOXIE L.T.D)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 22921753; C:\Windows\System32\drivers\60206801.sys [111408 2012-03-18] (Kaspersky Lab, GERT)
S3 24933811; C:\Windows\System32\drivers\71127511.sys [111408 2012-03-18] (Kaspersky Lab, GERT)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-23] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-09-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-23] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454528 2015-09-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-23] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-09-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-09-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-23] (AVAST Software)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2013-12-11] ()
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [132656 2015-09-23] (AVAST Software)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [161432 2012-02-06] (SANDBOXIE L.T.D)
U4 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [274336 2015-09-23] (Avast Software)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2015-04-20] (Cisco Systems, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EverestDriver; \??\C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-23 13:38 - 2015-09-23 13:39 - 00023506 _____ C:\Users\test\Desktop\FRST.txt
2015-09-23 13:36 - 2015-09-23 13:36 - 02192384 _____ (Farbar) C:\Users\test\Desktop\FRST64(1).exe
2015-09-23 12:45 - 2015-09-23 12:46 - 00000000 ____D C:\Users\test\Desktop\zustmus
2015-09-23 00:19 - 2015-09-23 00:19 - 00001942 _____ C:\Users\Public\Desktop\Avast SafeZone.lnk
2015-09-23 00:19 - 2015-09-23 00:19 - 00001882 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk
2015-09-23 00:16 - 2015-09-23 00:16 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-09-23 00:16 - 2015-09-23 00:16 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-09-23 00:16 - 2015-09-23 00:15 - 00132656 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-09-23 00:15 - 2015-09-23 00:15 - 00454528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-09-20 00:14 - 2015-09-20 00:14 - 00019296 _____ C:\Users\test\Desktop\Rossmann_TAsse.odt
2015-09-17 18:59 - 2015-09-17 18:59 - 00000000 ____D C:\Users\test\Desktop\revolver
2015-09-17 11:09 - 2015-09-17 11:22 - 00000000 ____D C:\Users\test\Desktop\VIDEO_TS
2015-09-17 11:09 - 2009-09-11 20:57 - 00000000 ____D C:\Users\test\Desktop\AUDIO_TS
2015-09-17 11:05 - 2015-09-17 11:06 - 00000000 ____D C:\Users\test\Desktop\slumdog
2015-09-09 09:54 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 09:54 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 09:54 - 2015-08-05 19:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-09 09:54 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-09 09:53 - 2015-08-18 03:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 09:53 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-09 09:53 - 2015-08-15 08:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 09:53 - 2015-08-15 08:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-09 09:53 - 2015-08-15 08:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 09:53 - 2015-08-15 08:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-09 09:53 - 2015-08-15 08:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-09 09:53 - 2015-08-15 08:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 09:53 - 2015-08-15 08:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 09:53 - 2015-08-15 08:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-09 09:53 - 2015-08-15 08:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-09 09:53 - 2015-08-15 08:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-09 09:53 - 2015-08-15 08:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-09 09:53 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-09 09:53 - 2015-08-15 08:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-09 09:53 - 2015-08-15 08:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 09:53 - 2015-08-15 08:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-09 09:53 - 2015-08-15 08:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-09 09:53 - 2015-08-15 08:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-09 09:53 - 2015-08-15 08:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 09:53 - 2015-08-15 07:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 09:53 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-09 09:53 - 2015-08-15 07:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-09 09:53 - 2015-08-15 07:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 09:53 - 2015-08-15 07:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-09 09:53 - 2015-08-15 07:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-09 09:53 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-09 09:53 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-09 09:53 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-09 09:53 - 2015-08-15 07:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-09 09:53 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-09 09:53 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-09 09:53 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-09 09:53 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-09 09:53 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-09 09:53 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-09 09:53 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-09 09:53 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-09 09:53 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-09 09:53 - 2015-08-15 07:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 09:53 - 2015-08-15 07:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 09:53 - 2015-08-15 07:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 09:53 - 2015-08-15 07:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-09 09:53 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-09 09:53 - 2015-08-15 07:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 09:53 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-09 09:53 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-09 09:53 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-09 09:53 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-09 09:53 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-09 09:53 - 2015-08-15 07:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 09:53 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-09 09:53 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-09 09:53 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-09 09:53 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-09 09:53 - 2015-08-15 06:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 09:53 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-09 09:53 - 2015-08-15 06:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 09:53 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-09 09:53 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-09 09:53 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-09 09:53 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-09 09:52 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-09 09:52 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 09:52 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-09 09:52 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-09 09:52 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-09 09:52 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 09:52 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-09 09:52 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-09 09:52 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 09:52 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 09:52 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 09:52 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 09:52 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 09:52 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 09:52 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 09:52 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 09:52 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-09 09:52 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-09 09:52 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 09:52 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-09 09:52 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 09:52 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 09:52 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-09 09:52 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-09 09:52 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-09 09:52 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-09 09:52 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-09 09:52 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-09 09:52 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-09 09:52 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-09 09:52 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 09:52 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 09:52 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 09:52 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 09:52 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 09:52 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-06 23:31 - 2015-09-06 23:31 - 00035227 _____ C:\Users\test\Downloads\Lars.odt
2015-09-05 12:25 - 2015-09-06 20:05 - 00000000 ____D C:\Users\test\Desktop\steffifotos
2015-09-02 10:12 - 2015-09-02 10:12 - 00000000 ____D C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-29 20:28 - 2015-08-29 20:28 - 00000000 ____D C:\Users\test\AppData\Roaming\Sun
2015-08-29 20:28 - 2015-08-29 20:28 - 00000000 ____D C:\Users\test\.oracle_jre_usage
2015-08-28 11:22 - 2015-09-23 12:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-25 13:39 - 2015-08-25 13:39 - 00012605 _____ C:\Users\test\Desktop\Inkasso_DB.odt
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-23 13:38 - 2014-12-04 20:55 - 00000000 ____D C:\FRST
2015-09-23 13:07 - 2015-06-22 15:28 - 00001220 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1563124234-3292735695-2560974385-1000UA.job
2015-09-23 12:53 - 2009-07-14 06:45 - 00016832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-23 12:53 - 2009-07-14 06:45 - 00016832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-23 12:24 - 2011-09-01 17:54 - 01138942 _____ C:\Windows\WindowsUpdate.log
2015-09-23 12:03 - 2012-03-19 21:51 - 00002374 _____ C:\Windows\Sandboxie.ini
2015-09-23 11:52 - 2011-09-28 11:09 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-23 11:50 - 2014-02-05 00:26 - 00044210 _____ C:\Windows\PFRO.log
2015-09-23 11:50 - 2014-01-09 11:20 - 00104080 _____ C:\Windows\setupact.log
2015-09-23 11:50 - 2011-09-01 18:00 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-23 11:50 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-23 00:17 - 2013-03-21 10:44 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-09-23 00:16 - 2014-04-27 19:59 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-09-23 00:16 - 2013-12-19 13:08 - 00153744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-09-23 00:16 - 2013-03-21 10:44 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-09-23 00:16 - 2013-03-21 10:44 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-09-23 00:16 - 2012-03-19 21:21 - 00448968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-09-23 00:16 - 2012-03-19 21:21 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-09-23 00:16 - 2012-03-19 21:21 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-09-23 00:15 - 2012-04-19 06:56 - 00028144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2015-09-23 00:15 - 2012-03-19 21:21 - 01049880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-09-22 12:31 - 2012-03-19 21:22 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-20 00:14 - 2014-12-05 11:47 - 00225792 ___SH C:\Users\test\Desktop\Thumbs.db
2015-09-20 00:13 - 2015-06-22 15:28 - 00001168 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1563124234-3292735695-2560974385-1000Core.job
2015-09-17 22:59 - 2013-01-13 16:55 - 00000000 ____D C:\Users\test\AppData\Roaming\FreeDoko
2015-09-17 19:30 - 2011-09-11 16:58 - 00000000 ____D C:\Users\test\AppData\Roaming\vlc
2015-09-15 09:04 - 2011-09-28 11:09 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 09:04 - 2011-09-28 11:09 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 09:04 - 2011-09-28 11:09 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-14 20:17 - 2014-04-22 20:58 - 00000000 ____D C:\Users\test\AppData\Local\Deployment
2015-09-14 20:02 - 2011-09-04 12:18 - 00000000 ____D C:\Users\test\Documents\gothic3
2015-09-10 21:29 - 2011-10-21 13:28 - 00000000 ___RD C:\Users\test\Dropbox
2015-09-10 19:39 - 2011-10-21 13:25 - 00000000 ____D C:\Users\test\AppData\Roaming\Dropbox
2015-09-10 06:19 - 2012-04-02 14:58 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-10 06:19 - 2012-03-19 20:12 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-10 04:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-09-10 03:40 - 2009-07-14 06:45 - 00290448 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-10 03:39 - 2012-08-08 18:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-10 03:37 - 2011-04-12 09:55 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 03:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-10 03:21 - 2013-08-14 22:53 - 00000000 ____D C:\Windows\system32\MRT
2015-09-04 13:37 - 2015-06-26 13:12 - 00000000 ____D C:\Users\test\Desktop\immas
2015-08-29 20:29 - 2013-12-17 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-29 20:29 - 2012-10-03 16:58 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-29 20:28 - 2011-09-01 17:54 - 00000000 ____D C:\Users\test
2015-08-29 20:27 - 2014-03-08 22:13 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-27 12:07 - 2012-03-19 20:18 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-08-26 18:37 - 2012-03-19 21:25 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-24 21:24 - 2012-01-10 17:37 - 00000000 ____D C:\Users\test\AppData\Roaming\Skype
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2007-03-12 19:59 - 2007-03-12 19:59 - 0299008 _____ () C:\Program Files (x86)\navigram_register.exe
2014-01-24 21:06 - 2014-01-24 21:09 - 0000624 _____ () C:\Users\test\AppData\Roaming\All CPU MeterV3_Settings.ini
2013-01-16 22:36 - 2013-01-16 22:36 - 0000268 ___RH () C:\Users\test\AppData\Roaming\Authentication
2013-01-16 22:37 - 2013-01-16 22:37 - 0000268 ___RH () C:\Users\test\AppData\Roaming\Automatic Filter
2013-01-16 22:36 - 2013-01-16 22:36 - 0000268 ___RH () C:\Users\test\AppData\Roaming\Automator
2013-01-16 22:36 - 2013-01-16 22:36 - 0000268 ___RH () C:\Users\test\AppData\Roaming\Brother
2013-04-25 21:54 - 2013-04-25 21:54 - 0003584 _____ () C:\Users\test\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-11 21:33 - 2015-02-16 21:18 - 0023552 _____ () C:\Users\test\AppData\Local\WebpageIcons.db
2013-01-16 22:36 - 2013-01-16 22:36 - 0000268 ___RH () C:\ProgramData\Basic Synth
2013-01-16 22:37 - 2013-01-16 22:37 - 0000268 ___RH () C:\ProgramData\Basic Track
2013-01-16 22:36 - 2013-01-16 22:36 - 0000268 ___RH () C:\ProgramData\Basics
2013-01-16 22:37 - 2013-01-16 22:37 - 0000012 ___RH () C:\ProgramData\Calibrators
2013-01-16 22:36 - 2013-01-16 22:36 - 0000012 ___RH () C:\ProgramData\Channel
2013-01-16 22:36 - 2013-01-16 22:36 - 0000012 ___RH () C:\ProgramData\CMMs
2013-01-16 22:36 - 2013-01-16 22:36 - 0000012 ___RH () C:\ProgramData\Core Data Application
2011-09-25 22:17 - 2012-03-19 20:31 - 0001773 _____ () C:\ProgramData\hpzinstall.log
2013-01-16 22:36 - 2013-01-16 22:36 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2013-01-16 22:37 - 2013-01-16 23:16 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2013-01-16 22:36 - 2013-01-16 23:03 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2013-01-16 22:36 - 2014-02-11 18:00 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
Einige Dateien in TEMP:
====================
C:\Users\test\AppData\Local\Temp\20150630080728792jniverify.dll
C:\Users\test\AppData\Local\Temp\2015063008570996jniverify.dll
C:\Users\test\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplsblwi.dll
C:\Users\test\AppData\Local\Temp\jre-8u60-windows-au.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-22 14:25
==================== Ende von FRST.txt ============================
Addition: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-09-2015
durchgeführt von test (2015-09-23 13:39:45)
Gestartet von C:\Users\test\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-09-01 15:54:42)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
123 (S-1-5-21-1563124234-3292735695-2560974385-1005 - Limited - Enabled) => C:\Users\123
Administrator (S-1-5-21-1563124234-3292735695-2560974385-500 - Administrator - Disabled)
Familie (S-1-5-21-1563124234-3292735695-2560974385-1004 - Limited - Enabled) => C:\Users\Familie
Gast (S-1-5-21-1563124234-3292735695-2560974385-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1563124234-3292735695-2560974385-1003 - Limited - Enabled)
test (S-1-5-21-1563124234-3292735695-2560974385-1000 - Administrator - Enabled) => C:\Users\test
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.600 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.6.602.180 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Age of Empires III Trial (HKLM-x32\...\InstallShield_{25B25C84-6132-4662-972B-4E4DC1B00C98}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III Trial (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Amazon Music (HKU\S-1-5-21-1563124234-3292735695-2560974385-1000\...\Amazon Amazon Music) (Version: 3.7.0.693 - Amazon Services LLC)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version: - BlueByte)
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Panorama Maker 6 (HKLM-x32\...\{DABFD34E-BE68-4BC6-9254-5D7A7FF76B99}) (Version: 6.0.8.85 - ArcSoft)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2004630782.48.56.2690282 - Audible, Inc.)
Avast Internet Security (HKLM-x32\...\avast) (Version: 10.4.2233 - AVAST Software)
B110 (x32 Version: 140.0.283.000 - Hewlett-Packard) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{44181DF6-2751-48C7-B918-72F14508F127}) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Call of Juarez - Bound in Blood (HKLM-x32\...\InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}) (Version: 1.01.0000 - Ubisoft)
Call of Juarez - Bound in Blood (x32 Version: 1.01.0000 - Ubisoft) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Chrome (HKLM-x32\...\InstallShield_{5281E5CC-70B1-4B1B-8731-B8533C9E5EEE}) (Version: 1.2.0.0 - Techland)
Chrome (x32 Version: 1.2.0.0 - Techland) Hidden
Cisco AnyConnect Diagnostics and Reporting Tool (HKLM-x32\...\{9D2D6008-1122-47F3-8322-D6235CD8D1C5}) (Version: 3.1.08009 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.08009 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.08009 - Cisco Systems, Inc.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Die Gilde 2 (HKLM-x32\...\TheGuild2) (Version: - )
Die Siedler II - Die nächste Generation (HKLM-x32\...\S2TNG) (Version: - )
Dropbox (HKU\S-1-5-21-1563124234-3292735695-2560974385-1000\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
EA SPORTS FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 9.3.0.58666 - Electronic Arts, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
FileZilla Client 3.7.4.1 (HKLM-x32\...\FileZilla Client) (Version: 3.7.4.1 - Tim Kosse)
FreeDoko 0.7.11 (HKLM-x32\...\FreeDoko) (Version: 0.7.11 - Borg Enders und Diether Knof)
GIMP 2.6.12 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.12 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.99 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Gothic 3 (HKLM-x32\...\{17BADF87-3597-46FE-8D74-69C4FA78883E}) (Version: 1.0.0 - JoWood)
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
Guild 2 Patch (HKLM-x32\...\{0C6F0F18-61EE-457C-BA92-055FA151B90A}) (Version: 1.0.0 - JoWood)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{59C83C08-63F4-4AEC-81D6-392C5E23B843}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
ifolor Designer (HKLM-x32\...\ifolor-Designer) (Version: 3.2.2.0 - Ifolor AG)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Jardinains 2! Lite Version 1.1 (HKLM-x32\...\{10F081B4-0B50-46D8-ABB6-B1E696EB2823}_is1) (Version: 1.1 - Magic Chopstick Games)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Joulemeter (HKLM-x32\...\{E043568C-1745-4C69-9D52-43F6E79EB03B}) (Version: 1.2.0 - Microsoft Research)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: - )
Menschen A2-1 Lerner-DVD-ROM zum Kursbuch (HKLM-x32\...\de.hueber.menschena21izu) (Version: 1.0 - Hueber Verlag GmbH & Co KG)
Menschen A2-1 Lerner-DVD-ROM zum Kursbuch (x32 Version: 1.0 - Hueber Verlag GmbH & Co KG) Hidden
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Moorhuhn Remake (HKLM-x32\...\{52210D57-0B1F-4681-90DD-8659DF4BCC40}) (Version: 1.00.0000 - )
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyDriveConnect 3.3.0.1502 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1502 - TomTom)
MyFreeCodec (HKU\S-1-5-21-1563124234-3292735695-2560974385-1000\...\MyFreeCodec) (Version: - )
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.10000.1.0 - Nero AG)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.7.0 - Nikon)
NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
OpenTTD 1.2.1 (HKLM-x32\...\OpenTTD) (Version: 1.2.1 - OpenTTD)
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
Patch v2.2 (HKLM-x32\...\{74A84478-70A5-4F7A-966C-FA2771FF91A5}_is1) (Version: - RUNEFORGE Games Studios)
PDF Creator (HKLM\...\PDF Creator) (Version: - )
PDF24 Creator 6.0.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.9 - Nikon)
Pixum ePrint 1.2 (HKLM-x32\...\Pixum ePrint) (Version: 1.2.5105.10000 - Diginet GmbH & Co. KG)
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
PokerTH (HKLM-x32\...\PokerTH 1.0) (Version: 1.0 - www.pokerth.net)
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.47 - Piriform)
S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0006] (HKLM-x32\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0006 - THQ)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15013.18 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15013.18 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 3.64 (64-bit) (HKLM\...\Sandboxie) (Version: 3.64 - SANDBOXIE L.T.D)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shadowrun (HKLM-x32\...\InstallShield_{8B3B9003-D3E5-45E3-8CCE-CDDDB111F42D}) (Version: 1.00.0000 - Microsoft Game Studios)
Shadowrun (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Sigel Professional Label Software SE (HKLM-x32\...\Sigel Professional Label Software SE) (Version: - )
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: - )
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Tuned! (HKLM-x32\...\Tuned!) (Version: - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ubuntu One (HKLM-x32\...\Ubuntu One 4.1.91) (Version: 4.1.91 - Canonical)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.7.1 - Nikon)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
VoiceTracer (HKLM-x32\...\{8CBDEFB9-E1BF-4F84-A47C-1DD604232001}) (Version: 2.1 - )
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Weltraum Tycoon (HKLM-x32\...\{91E5B1AB-B818-42A8-A3A3-A6B4F6D62A55}) (Version: 1.00.0000 - IncaGold)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version: - )
Zattoo Live TV (HKU\S-1-5-21-1563124234-3292735695-2560974385-1000\...\6d7aa3e3bf931c56) (Version: 1.0.0.47 - Zattoo Europa AG)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1563124234-3292735695-2560974385-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\test\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1563124234-3292735695-2560974385-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-1563124234-3292735695-2560974385-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-1563124234-3292735695-2560974385-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-1563124234-3292735695-2560974385-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-1563124234-3292735695-2560974385-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-1563124234-3292735695-2560974385-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-1563124234-3292735695-2560974385-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-1563124234-3292735695-2560974385-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\test\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
==================== Wiederherstellungspunkte =========================
19-05-2015 09:18:37 Geplanter Prüfpunkt
26-05-2015 14:17:25 Geplanter Prüfpunkt
31-05-2015 01:24:21 Windows Update
31-05-2015 20:27:21 Windows Update
08-06-2015 15:05:14 Geplanter Prüfpunkt
10-06-2015 23:29:42 Windows Update
18-06-2015 13:12:04 Geplanter Prüfpunkt
30-06-2015 20:08:05 Installed Cisco AnyConnect Secure Mobility Client
20-07-2015 03:00:55 Windows Update
22-07-2015 03:00:29 Windows Update
27-07-2015 15:00:53 Installed TomTom HOME.
27-07-2015 15:08:00 Installed TomTom HOME.
12-08-2015 03:00:51 Windows Update
19-08-2015 10:38:18 Geplanter Prüfpunkt
20-08-2015 03:00:35 Windows Update
28-08-2015 11:24:39 Geplanter Prüfpunkt
07-09-2015 00:51:31 Geplanter Prüfpunkt
10-09-2015 03:00:36 Windows Update
18-09-2015 21:06:53 Geplanter Prüfpunkt
23-09-2015 00:12:31 avast! antivirus system restore point
23-09-2015 00:17:14 Gerätetreiber-Paketinstallation: Avast Netzwerkdienst
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2013-12-12 10:47 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {093C1A7C-8668-425F-A542-1280524E18BC} - System32\Tasks\{75572544-9BDF-4DBA-A9CC-81E47DE6617B} => C:\Program Files (x86)\Philips\VoiceTracer\Philips.exe [2005-02-21] ()
Task: {09E68BD3-1286-4174-A9CB-226EC3FB87DD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {0DB8A086-64A7-478F-ADCD-85EC171FAB88} - System32\Tasks\{49A85A94-0B5E-4811-A2A2-355E83D95420} => C:\Program Files (x86)\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiB_AutoUpdater.exe [2009-08-13] (Ubisoft)
Task: {16CD3CCA-9595-4BBE-B3AC-286BB4AC48AE} - System32\Tasks\{A4D3032C-BA51-42B1-9E99-9C34F7B3D02F} => C:\Program Files (x86)\Philips\VoiceTracer\Philips.exe [2005-02-21] ()
Task: {1A61A6C0-C016-4B4A-820E-352AB88002C6} - System32\Tasks\{27D028D8-8B68-4CEF-AC05-D61C2C5C9F71} => C:\Program Files (x86)\Philips\VoiceTracer\Philips.exe [2005-02-21] ()
Task: {33EAD629-32A3-40E4-8670-4A0B5577B550} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-09-23] (AVAST Software)
Task: {41B31B37-E755-4D92-8AFB-61933D3998A2} - System32\Tasks\{18969095-5B9D-4039-8187-377A3320A44C} => pcalua.exe -a D:\setup.exe -d D:\
Task: {422244D0-9B0B-4F6B-B31A-6F000B5B6635} - System32\Tasks\{D2ACE2F9-DE90-4A70-B6EA-C52D7C597CB6} => Firefox.exe hxxp://ui.skype.com/ui/0/6.7.0.102/de/abandoninstall?page=tsProgressBar
Task: {59AAA636-3C8C-40D4-A37D-F8F48C632B19} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1563124234-3292735695-2560974385-1000UA => C:\Users\test\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)
Task: {6FD4CE42-1A72-4055-9A31-853B3BC9B456} - System32\Tasks\{C088CED2-E64B-44C4-855B-D8FFB6B772BD} => C:\Program Files (x86)\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe [2009-08-27] (Techland)
Task: {74801660-9A42-4397-8531-EA9B2A58E8CD} - System32\Tasks\{E0B4BC0A-B510-4A9C-80F0-16180C399DEB} => Firefox.exe hxxp://ui.skype.com/ui/0/6.7.0.102/de/abandoninstall?page=tsProgressBar
Task: {8217D2E1-F100-4F1E-8679-F26B3FC870F1} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1563124234-3292735695-2560974385-1000Core => C:\Users\test\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)
Task: {86A06089-A5AA-4DCC-B22F-0F3D22AD1882} - System32\Tasks\{A232395D-88CA-41FC-891F-C6244902E024} => pcalua.exe -a C:\Users\test\Downloads\stk-ww-0-3.exe -d C:\Users\test\Downloads
Task: {8D2F8512-7E0E-4678-A15F-F94A0FEBF67B} - System32\Tasks\{DE4012DE-763D-4E24-88B6-35DE7071EA05} => pcalua.exe -a C:\Windows\unvise32.exe -d C:\Windows -c \Microsoft\Windows\CurrentVersion\SharedDlls
Task: {936D34B8-AB6A-40F1-A48E-BD604A5FE10A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {9E303889-FB3A-469B-9D1E-453AFD64B7DC} - System32\Tasks\{CE652577-DE1D-4B96-A653-84975D502870} => D:\AutoRun.exe
Task: {9EDE299E-05C9-4271-B3DD-401B9185CBDF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {A05AA69E-7140-43BF-885C-10D16AC7A837} - System32\Tasks\{7E5E5E88-73C5-4D21-80A8-AD53740C286D} => pcalua.exe -a C:\Users\test\Downloads\zeusep1_1.exe -d C:\Users\test\Downloads
Task: {A2DC150E-0C8F-4718-906B-614360F0DD64} - System32\Tasks\{8DD1458B-7BAE-4093-9A89-4ACCCD43B7AF} => C:\Program Files (x86)\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiB_AutoUpdater.exe [2009-08-13] (Ubisoft)
Task: {B9EDF896-595E-439F-BEF6-7A8D7A333C7F} - System32\Tasks\{7A375716-DCA5-4A2D-A790-844C2ACD44DB} => pcalua.exe -a C:\Users\test\Downloads\install_tuned.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {C17BD53C-62F5-4594-94BC-3CECE46F00DE} - System32\Tasks\{AF9DDD91-9A9F-4EC1-8B25-93FE6E2F47F9} => C:\Program Files (x86)\Philips\VoiceTracer\Philips.exe [2005-02-21] ()
Task: {C2931181-F2F4-4558-889A-9458A9BA2351} - System32\Tasks\{B865BAD0-6616-4490-A421-BA87930DB9E9} => C:\Program Files (x86)\Philips\VoiceTracer\Philips.exe [2005-02-21] ()
Task: {C54E569C-3F9B-4780-B4C1-EC5CA973EE96} - System32\Tasks\{8F1171B3-2165-4894-A7DA-C7F96E2370FD} => C:\Program Files (x86)\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe [2009-08-27] (Techland)
Task: {DBB60354-C3DB-4B3B-ADCA-9CEDB8DDBD7C} - System32\Tasks\{56481D69-4F84-42E9-BEA7-AD7B8CB2CB56} => D:\AutoRun.exe
Task: {FB5B1C9B-19F7-4F72-A178-5841B9433E1E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1563124234-3292735695-2560974385-1000Core.job => C:\Users\test\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1563124234-3292735695-2560974385-1000UA.job => C:\Users\test\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2012-11-18 23:32 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-10-17 14:18 - 2011-10-04 22:43 - 00087552 _____ () C:\Windows\System32\custmon64i.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-11-30 12:19 - 2014-11-19 02:55 - 06277952 _____ () C:\Users\test\AppData\Local\Amazon Music\Amazon Music Helper.exe
2013-03-24 13:10 - 2013-02-22 23:32 - 00137864 _____ () C:\Program Files (x86)\ubuntuone\dist\ubuntuone-syncdaemon.exe
2013-03-24 13:10 - 2013-02-22 23:32 - 00130184 _____ () C:\Program Files (x86)\ubuntuone\dist\ubuntuone-control-panel-qt.exe
2013-03-24 13:10 - 2013-02-22 23:32 - 00130696 _____ () C:\Program Files (x86)\ubuntuone\dist\ubuntu-sso-login.exe
2015-04-20 17:46 - 2015-04-20 17:46 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-09-23 00:16 - 2015-09-23 00:16 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-09-23 00:16 - 2015-09-23 00:16 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-09-23 00:11 - 2015-09-23 00:11 - 02965504 _____ () C:\Program Files\AVAST Software\Avast\defs\15092201\algo.dll
2015-09-23 11:52 - 2015-09-23 11:52 - 02965504 _____ () C:\Program Files\AVAST Software\Avast\defs\15092300\algo.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-03-24 13:10 - 2012-10-27 16:21 - 00098816 _____ () C:\Program Files (x86)\ubuntuone\dist\win32api.pyd
2013-03-24 13:10 - 2012-10-27 16:20 - 00110080 _____ () C:\Program Files (x86)\ubuntuone\dist\pywintypes27.dll
2013-03-24 13:10 - 2012-10-27 16:22 - 00364544 _____ () C:\Program Files (x86)\ubuntuone\dist\pythoncom27.dll
2013-03-24 13:10 - 2012-10-27 16:23 - 00320512 _____ () C:\Program Files (x86)\ubuntuone\dist\win32com.shell.shell.pyd
2013-03-24 13:10 - 2012-04-11 07:31 - 00040960 _____ () C:\Program Files (x86)\ubuntuone\dist\_socket.pyd
2013-03-24 13:10 - 2012-04-11 07:31 - 00721920 _____ () C:\Program Files (x86)\ubuntuone\dist\_ssl.pyd
2013-03-24 13:10 - 2012-11-09 05:37 - 00019968 _____ () C:\Program Files (x86)\ubuntuone\dist\zope.interface._zope_interface_coptimizations.pyd
2013-03-24 13:10 - 2012-11-09 05:36 - 00006656 _____ () C:\Program Files (x86)\ubuntuone\dist\twisted.python._initgroups.pyd
2013-03-24 13:10 - 2012-04-11 07:31 - 00285184 _____ () C:\Program Files (x86)\ubuntuone\dist\_hashlib.pyd
2013-03-24 13:10 - 2012-04-11 07:31 - 00074240 _____ () C:\Program Files (x86)\ubuntuone\dist\_ctypes.pyd
2013-03-24 13:10 - 2012-09-29 15:15 - 01660928 _____ () C:\Program Files (x86)\ubuntuone\dist\PyQt4.QtCore.pyd
2013-03-24 13:10 - 2012-09-29 15:08 - 00068096 _____ () C:\Program Files (x86)\ubuntuone\dist\sip.pyd
2013-03-24 13:10 - 2012-10-27 16:20 - 00035840 _____ () C:\Program Files (x86)\ubuntuone\dist\win32process.pyd
2013-03-24 13:10 - 2012-10-27 16:20 - 00108544 _____ () C:\Program Files (x86)\ubuntuone\dist\win32security.pyd
2013-03-24 13:10 - 2012-10-27 16:20 - 00119808 _____ () C:\Program Files (x86)\ubuntuone\dist\win32file.pyd
2013-03-24 13:10 - 2012-04-11 07:31 - 00009728 _____ () C:\Program Files (x86)\ubuntuone\dist\select.pyd
2013-03-24 13:10 - 2012-11-09 05:36 - 00055808 _____ () C:\Program Files (x86)\ubuntuone\dist\OpenSSL.crypto.pyd
2013-03-24 13:10 - 2012-11-09 05:36 - 00010240 _____ () C:\Program Files (x86)\ubuntuone\dist\OpenSSL.rand.pyd
2013-03-24 13:10 - 2012-11-09 05:36 - 00043008 _____ () C:\Program Files (x86)\ubuntuone\dist\OpenSSL.SSL.pyd
2013-03-24 13:10 - 2012-10-27 16:20 - 00018432 _____ () C:\Program Files (x86)\ubuntuone\dist\win32event.pyd
2013-03-24 13:10 - 2012-10-27 16:21 - 00167936 _____ () C:\Program Files (x86)\ubuntuone\dist\win32gui.pyd
2013-03-24 13:10 - 2012-10-27 16:20 - 00015872 _____ () C:\Program Files (x86)\ubuntuone\dist\win32trace.pyd
2013-03-24 13:10 - 2012-10-27 16:20 - 00024064 _____ () C:\Program Files (x86)\ubuntuone\dist\win32pipe.pyd
2013-03-24 13:10 - 2012-09-29 15:27 - 05810688 _____ () C:\Program Files (x86)\ubuntuone\dist\PyQt4.QtGui.pyd
2013-03-24 13:10 - 2012-09-29 15:28 - 00495104 _____ () C:\Program Files (x86)\ubuntuone\dist\PyQt4.QtNetwork.pyd
2013-03-24 13:10 - 2012-04-11 07:31 - 00686592 _____ () C:\Program Files (x86)\ubuntuone\dist\unicodedata.pyd
2015-09-23 00:16 - 2015-09-23 00:16 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-03-24 13:10 - 2012-11-09 05:36 - 00031232 _____ () C:\Program Files (x86)\ubuntuone\dist\Crypto.Cipher.AES.pyd
2015-09-10 06:19 - 2015-09-10 06:19 - 17482952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
2014-02-11 21:29 - 2014-02-11 21:29 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1563124234-3292735695-2560974385-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MyDriveConnect.exe => "C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe"
MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: Ubuntu One => "C:\Program Files (x86)\ubuntuone\dist\ubuntuone-syncdaemon.exe"
MSCONFIG\startupreg: Ubuntu One Icon => "C:\Program Files (x86)\ubuntuone\dist\ubuntuone-control-panel-qt.exe" --minimized --with-icon
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{1510B86F-F4CB-41E3-A8E2-463C94E325AE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{048C3463-73AE-498C-9C2E-67C4994DDD1A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{AFAA4DB1-ADF2-4F50-A397-23AB013A7F9A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{629D243F-25DF-4224-9004-89F30271845C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{38FAF65C-1BE4-4CC3-882F-E1B66514DB24}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{C86AEC3B-2D21-447F-96D9-6198083E501B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{05CC67EF-4144-4EA9-A924-56A349310190}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{CE57D6B1-8824-446A-B9BE-D110CC4373E5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{279214D8-42BD-4057-BB5D-C5C3B5F62325}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{B0961CEB-E3B6-4996-AEB9-845AE1070FE9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{37CA98B5-9822-4D28-BC91-9438A4AFE006}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{9077DED3-80DA-4BB3-9B5A-2F5E99F570A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{FA40C9BF-ADA5-4C70-BB41-7BB540DF20B8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{9A7DEFF9-2DB9-4786-9DB9-ACCBD6A77F01}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{32DC76AB-B63F-4412-B6B3-7BB8896ED039}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{849FBA4D-B5B5-403F-93BF-4507DE1F5456}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{26D020D7-9321-436F-8DBA-F53880897FAB}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{C040D842-3A8B-4F28-ADE3-A4FF183EC88E}] => (Allow) C:\Users\test\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5623FDC9-84FD-4CDA-B40E-0F7CDE1834ED}] => (Allow) C:\Users\test\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{6AFA8631-CC10-4152-8E3D-9A53FEEEB405}C:\users\test\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\test\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{FAF979FC-5DDD-420D-9A1B-AE2A97551356}C:\users\test\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\test\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{FBCC42EC-90B6-4183-B9BD-AE9446B424EC}C:\users\test\appdata\local\mediaget2\mediaget.exe] => (Allow) C:\users\test\appdata\local\mediaget2\mediaget.exe
FirewallRules: [UDP Query User{EBEC47C1-9BA0-4BE0-9A53-ECD4B79631B7}C:\users\test\appdata\local\mediaget2\mediaget.exe] => (Allow) C:\users\test\appdata\local\mediaget2\mediaget.exe
FirewallRules: [{483B8843-20B6-424C-813A-9A77791387F3}] => (Allow) C:\Users\test\Downloads\SweetImSetup.exe
FirewallRules: [{D05E7011-B7C4-4DC3-82A6-669798E6CD10}] => (Allow) C:\Users\test\Downloads\SweetImSetup.exe
FirewallRules: [TCP Query User{33B3F19D-D747-4D88-846D-26D4CDDC7C47}C:\users\test\downloads\filezilla_3.5.2-rc1_win32\filezilla-3.5.2-rc1\filezilla.exe] => (Allow) C:\users\test\downloads\filezilla_3.5.2-rc1_win32\filezilla-3.5.2-rc1\filezilla.exe
FirewallRules: [UDP Query User{7A07867E-627B-4788-A38F-202ABD820466}C:\users\test\downloads\filezilla_3.5.2-rc1_win32\filezilla-3.5.2-rc1\filezilla.exe] => (Allow) C:\users\test\downloads\filezilla_3.5.2-rc1_win32\filezilla-3.5.2-rc1\filezilla.exe
FirewallRules: [{900BD36D-9D8E-4069-95E8-C10F8B4D2CEA}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{3E06E713-D830-410F-BFC6-4243278660F6}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{2C8FA56F-F660-4AB5-9651-3E15B093CB1E}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{812DA41E-6CFC-4648-9B14-744DE3E78F4D}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{CEA8C132-8A53-4A4C-AF4F-78110835DDE0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B47CA010-8567-4736-BABD-C003F5D3DA98}] => (Allow) LPort=2869
FirewallRules: [{2BDF5BA2-3DED-4E27-96AB-266B2420C3BA}] => (Allow) LPort=1900
FirewallRules: [{77CE54E5-0455-4EDC-89A2-B30B366237F9}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{152E1EDF-84C0-4392-9A04-95E16097459D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{B4A93525-E0D3-421B-B93F-0CE616552512}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{4CE55FAD-5445-47A7-8DB4-74452F6AC910}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{0F565524-E0E8-4453-8D3D-92B963F7BC81}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{2C618972-6AA3-4AA6-A3DA-02BB67206FD5}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{854FF8C8-CC25-4BAD-958C-612AEA72C255}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl2\bin\XR_3DA.exe
FirewallRules: [{9E079A0E-2AB4-48FF-A603-5238B5C6EFE5}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl2\bin\XR_3DA.exe
FirewallRules: [{48982B70-9F97-485D-811E-412C8852B8AE}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl2\bin\dedicated\XR_3DA.exe
FirewallRules: [{D4A3E29A-5B67-47D3-ABBB-423D38660290}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl2\bin\dedicated\XR_3DA.exe
FirewallRules: [{78788DCB-D6BF-44D6-898D-789FAE0C886E}] => (Allow) C:\Program Files (x86)\Microsoft Games\Shadowrun\Shadowrun.exe
FirewallRules: [{EB99F766-F595-459B-BBD8-C0D8DB1DDB43}] => (Allow) C:\Program Files (x86)\Microsoft Games\Shadowrun\Shadowrun.exe
FirewallRules: [TCP Query User{64C47C29-5A69-4281-A20D-EDD307192B93}C:\program files (x86)\freedoko\freedoko.exe] => (Block) C:\program files (x86)\freedoko\freedoko.exe
FirewallRules: [UDP Query User{C5CAE876-FA90-43D3-AACC-20C1E86EB9E6}C:\program files (x86)\freedoko\freedoko.exe] => (Block) C:\program files (x86)\freedoko\freedoko.exe
FirewallRules: [{61BE5DA3-DE9C-4A16-8083-CEC5B1A6997B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9CCC59EB-9BFA-4812-97B7-B5967DC01F27}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D0538F95-1F45-4087-A064-37140B4CE3DD}] => (Allow) C:\Program Files (x86)\ubuntuone\dist\ubuntuone-syncdaemon.exe
FirewallRules: [{5829DA11-708E-4E8D-8BC8-A5E2B2514E9F}] => (Allow) C:\Program Files (x86)\ubuntuone\dist\ubuntuone-syncdaemon.exe
FirewallRules: [{132A6FD8-9356-4372-9928-3A88A2814102}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{CF6E87CA-F46A-46E4-9F28-BADB1C43BEB2}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [TCP Query User{0788D6E2-3116-4581-8FD9-D096DB4614DC}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Block) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [UDP Query User{129EF5AD-3F08-4C7B-A233-14637231B177}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Block) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [{310B4FED-90C5-4850-9168-418BEF382565}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6EB935B6-DEE6-4B40-ADED-22F24E718F2E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4BC7CEC6-FB0C-4099-AFB2-1E82A6F17C45}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{61B92D63-D2D8-46BC-89CF-214807C51201}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D434C44A-F08E-425A-82E6-61FAF86F3FC4}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{1D2C636C-21CB-42F2-9010-DC6E1A600100}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{179502D0-4EC5-4938-8514-C88718519CEC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{68913A99-EBF7-4240-8719-41244669697B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B2EBF048-C131-4DEB-A89A-F99690F6B755}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DE294AF2-B05B-47EF-A532-15ACBBDD1EE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{92AB7A61-5095-4379-B333-12BB236E0487}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A0AA9EB2-0913-47DC-B97E-4D121AE2DF5E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D3E1EF96-3F7C-46EE-8089-BFB34C62D6F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{5AFA7876-1B2E-40E6-89DE-40803E9A8369}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{E079C7EB-512E-41E0-96BC-99D63884FB28}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AAD24BCA-B706-4985-AEA9-AA099125AF78}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{545285ED-76E4-43E0-89AD-828DD6D25902}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{B43B7562-C9AA-4989-BD93-0DEC4FA99408}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{D162AB61-74C1-4188-88C6-4D21F78EFC8F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{FA834551-5CBB-4F0B-9D32-A97D7C32FBBA}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{65AECC0C-55DD-4BA4-BAC8-EA2EBB4D9FBE}C:\program files (x86)\origin games\fifa world\fifaworld.exe] => (Allow) C:\program files (x86)\origin games\fifa world\fifaworld.exe
FirewallRules: [UDP Query User{66C4472A-48A1-4CBE-9F91-0D66F3180C2E}C:\program files (x86)\origin games\fifa world\fifaworld.exe] => (Allow) C:\program files (x86)\origin games\fifa world\fifaworld.exe
FirewallRules: [{FFEE38FC-D8B3-480B-8F18-6BA78EFA729E}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{FF57F8C1-6627-4CF2-A2C4-E86DD5B6F56A}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{B465DF56-FCE1-4DE2-BE40-34EEE56D90F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{F3F9DDDB-7D8D-4E4B-9386-8828B82DA6E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{A2DE69E4-1313-4AE5-9768-EF5BF705AFCC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{E9AADEAC-B643-4B0D-A6FC-F8150E4915D5}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{E4F24A0C-7C99-4AF9-A608-ACD1261C2A19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{9BA9F450-8A77-445A-BF5C-C41706C327ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{B480D9E3-866A-4251-9B89-754C13217C42}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{86A9296E-DDDA-4EA3-B014-FCB96EB7EDA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BC82BBE6-7754-4A2A-8EC1-34C7C78C6534}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/23/2015 11:52:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/23/2015 11:51:22 AM) (Source: NVNetworkService) (EventID: 0) (User: )
Description: NVNetworkServiceTime out when waiting for RPC server started event.
Error: (09/23/2015 11:50:57 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (09/22/2015 11:18:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10998
Error: (09/22/2015 11:18:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10998
Error: (09/22/2015 11:18:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/22/2015 11:18:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10000
Error: (09/22/2015 11:18:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10000
Error: (09/22/2015 11:18:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/22/2015 11:18:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9001
Systemfehler:
=============
Error: (09/23/2015 01:35:29 PM) (Source: WMPNetworkSvc) (EventID: 14365) (User: )
Description: 0x80004004-1
Error: (09/23/2015 11:52:14 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (09/23/2015 11:51:34 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.
Error: (09/23/2015 11:50:57 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (09/22/2015 08:21:57 PM) (Source: WMPNetworkSvc) (EventID: 14365) (User: )
Description: 0x80004004-1
Error: (09/22/2015 08:21:57 PM) (Source: WMPNetworkSvc) (EventID: 14365) (User: )
Description: 0x80004004-1
Error: (09/22/2015 07:35:52 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (09/22/2015 07:35:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (09/22/2015 01:52:57 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (09/22/2015 01:52:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
CodeIntegrity:
===================================
Date: 2013-12-12 09:46:03.050
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-12-12 09:46:02.953
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: AMD Phenom(tm) II X4 840 Processor
Prozentuale Nutzung des RAM: 62%
Installierter physikalischer RAM: 4095.37 MB
Verfügbarer physikalischer RAM: 1523.39 MB
Summe virtueller Speicher: 8188.94 MB
Verfügbarer virtueller Speicher: 4279.04 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:116.35 GB) NTFS
Drive i: (INTENSO) (Fixed) (Total:465.64 GB) (Free:124.7 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 820DBBF4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 465.8 GB) (Disk ID: 2B86AFB1)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=0C)
==================== Ende von Addition.txt ============================
I don't have any other scans |