Log analysis and evaluation: Windows 7 / Chrome - New tabs open by themselves
Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
02.10.2014, 21:54 | #1 |
| Windows 7 / Chrome - New tabs open by themselves
Hello dear all,
"my" problem has already been raised here, but that thread has since been closed and I need help as quickly as possible, hence the new thread on this tiresome topic: Recently someone apparently hacked into my Facebook account. I had 4 group conversations open and had supposedly posted something to my friends. A few days before that, one of my friends apparently had the same problem. But since I write with him fairly often, it didn't strike me as odd that he sent me something, so I opened it and shortly afterwards miraculously forwarded the same rubbish as if by magic, even though I wasn't even at the PC. So I guess that's where I caught something...
For a few days now the PC has been going completely crazy. Every time I open Chrome and browse the internet, a new tab opens every few seconds. Ads appear on sites where such pop-up windows were never seen before, and so on. I'm a bit desperate; I should add that I do have some basic knowledge about PCs etc., but I don't dare to just tinker around myself, I don't want to make it worse. Maybe someone can help me?
Best regards, Lowrain
Oh, and: please be patient with me - women and technology is just difficult sometimes |
02.10.2014, 23:00 | #2 |
Rest in peace † 2019 | Windows 7 / Chrome - New tabs open by themselves
My name is Sandra and I will be helping you with your problem.
Note: I can never give you a guarantee that I will find everything. Reformatting is usually the faster and, in the case of a malware infection, always the safest way. Adware can be removed without problems in the vast majority of cases. If you decide on a cleanup, keep working with me until someone from the team tells you that you are clean.
Posting in code tags: Please always put the logs in code tags. If you don't, it makes the evaluation much harder for me. Thank you. To do so:
Step 1: Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions or check under Start > Computer (right-click) > Properties)
__________________ |
02.10.2014, 23:45 | #3 |
| Windows 7 / Chrome - New tabs open by themselves
Hello Sandra,
thank you very much already for the quick reply. I even got to work right away so that the log files still arrive "today". I do hope that I don't necessarily have to reformat. I don't like doing it, always the data backup beforehand *hmpf* ... but you will surely be better able to tell me whether it's necessary. Thanks in advance!
Best regards, Lowrain
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2014 Ran by Jennefa (administrator) on JENNEFA-PC on 03-10-2014 00:31:18 Running from C:\Users\Jennefa\Downloads Loaded Profile: Jennefa (Available profiles: Jennefa) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () C:\Program Files (x86)\PHotkey\AsLdrSrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Pegatron Corporation) C:\Program Files (x86)\PHotkey\PHotkey.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe () C:\Program Files (x86)\PHotkey\PVDesktop.exe () C:\Program Files (x86)\PHotkey\PVDAgent.exe (Pegatron Corporation) C:\Program Files (x86)\PHotkey\POsd.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Alcor Micro Corp.) 
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Sentelic Corporation) C:\Program Files\FSP\FspUip.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe () C:\Users\Jennefa\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe () C:\Users\Jennefa\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files (x86)\WiseEnhance\updateWiseEnhance.exe () C:\Program Files (x86)\WiseEnhance\bin\utilWiseEnhance.exe () C:\Program Files (x86)\WiseEnhance\bin\WiseEnhance.BrowserAdapter.exe () C:\Program Files (x86)\WiseEnhance\bin\WiseEnhance.BrowserAdapter64.exe () C:\Program Files (x86)\WiseEnhance\bin\WiseEnhance.PurBrowse64.exe () C:\Program Files (x86)\WiseEnhance\bin\WiseEnhance.BRT.Helper.exe () C:\Program Files (x86)\WiseEnhance\bin\WiseEnhance.BOASHelper.exe () C:\Program Files (x86)\WiseEnhance\bin\WiseEnhance.BOASPRT.exe () C:\Program Files (x86)\WiseEnhance\bin\WiseEnhance.BOAS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-22] (Alcor Micro Corp.) 
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation) HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [4055552 2010-11-08] (Sentelic Corporation) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink) HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2011-04-15] (CyberLink) HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe [228448 2011-04-15] (CyberLink Corp.) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.) 
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-610939652-828115785-2253814009-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Jennefa\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] () HKU\S-1-5-21-610939652-828115785-2253814009-1000\...\Run: [Amazon Cloud Player] => C:\Users\Jennefa\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] () HKU\S-1-5-21-610939652-828115785-2253814009-1000\...\MountPoints2: {bd562853-c1aa-11e3-91b5-386077d17015} - F:\HTC_Sync_Manager_PC.exe ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dsites02_14_18_ch&cd=2XzuyEtN2Y1L1QzuyBzzzytBzy0CyCyDzy0AzyyDtB0EtCtBtN0D0Tzu0SzzyEzytN1L2XzutBtFtBtDtFyDtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0EtA0FtBzyyD0EtG0ByBtCtDtGtD0AyEtBtGyEyDyDyBtGyE0BtC0EyD0DtA0C0EtAtByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyDzy0D0EyE0FyBtGzy0B0C0AtG0AyEtC0CtGzyzyyC0BtGyE0FyC0B0A0D0CyDyCtC0Czz2Q&cr=817762774&ir= HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dsites02_14_18_ch&cd=2XzuyEtN2Y1L1QzuyBzzzytBzy0CyCyDzy0AzyyDtB0EtCtBtN0D0Tzu0SzzyEzytN1L2XzutBtFtBtDtFyDtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0EtA0FtBzyyD0EtG0ByBtCtDtGtD0AyEtBtGyEyDyDyBtGyE0BtC0EyD0DtA0C0EtAtByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyDzy0D0EyE0FyBtGzy0B0C0AtG0AyEtC0CtGzyzyyC0BtGyE0FyC0B0A0D0CyDyCtC0Czz2Q&cr=817762774&ir= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dsites02_14_18_ch&cd=2XzuyEtN2Y1L1QzuyBzzzytBzy0CyCyDzy0AzyyDtB0EtCtBtN0D0Tzu0SzzyEzytN1L2XzutBtFtBtDtFyDtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0EtA0FtBzyyD0EtG0ByBtCtDtGtD0AyEtBtGyEyDyDyBtGyE0BtC0EyD0DtA0C0EtAtByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyDzy0D0EyE0FyBtGzy0B0C0AtG0AyEtC0CtGzyzyyC0BtGyE0FyC0B0A0D0CyDyCtC0Czz2Q&cr=817762774&ir= SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = SearchScopes: HKLM-x32 - DefaultScope value is missing. 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - DefaultScope {67B91621-8512-43BF-85CE-0365362CFE11} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites02_14_18_ch&cd=2XzuyEtN2Y1L1QzuyBzzzytBzy0CyCyDzy0AzyyDtB0EtCtBtN0D0Tzu0SzzyEzytN1L2XzutBtFtBtDtFyDtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0EtA0FtBzyyD0EtG0ByBtCtDtGtD0AyEtBtGyEyDyDyBtGyE0BtC0EyD0DtA0C0EtAtByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyDzy0D0EyE0FyBtGzy0B0C0AtG0AyEtC0CtGzyzyyC0BtGyE0FyC0B0A0D0CyDyCtC0Czz2Q&cr=817762774&ir= SearchScopes: HKCU - {67B91621-8512-43BF-85CE-0365362CFE11} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites02_14_18_ch&cd=2XzuyEtN2Y1L1QzuyBzzzytBzy0CyCyDzy0AzyyDtB0EtCtBtN0D0Tzu0SzzyEzytN1L2XzutBtFtBtDtFyDtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0EtA0FtBzyyD0EtG0ByBtCtDtGtD0AyEtBtGyEyDyDyBtGyE0BtC0EyD0DtA0C0EtAtByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyDzy0D0EyE0FyBtGzy0B0C0AtG0AyEtC0CtGzyzyyC0BtGyE0FyC0B0A0D0CyDyCtC0Czz2Q&cr=817762774&ir= BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: WiseEnhance -> {bc8c4384-d19c-474b-a298-c90b7e5c5204} -> C:\Program Files (x86)\WiseEnhance\WiseEnhanceBHO.dll (WiseEnhance) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) 
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Jennefa\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.) 
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru Chrome: ======= CHR HomePage: Default -> hxxp://www.google.de/ CHR StartupUrls: Default -> "hxxp://www.google.de/" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Jennefa\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (WiseEnhance) - C:\Users\Jennefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\loepaecnehfgonejbbblmobcfmcafbfe [2014-09-30] CHR Extension: (Word²) - C:\Users\Jennefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpibnckjjeaabeepofhfmmpjmnomohee [2013-02-03] CHR Extension: (Google Wallet) - C:\Users\Jennefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23] CHR Extension: (Aztec Drop) - C:\Users\Jennefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnmeglpffblgeibddiihnafkihmkleje [2013-02-03] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] () R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [159752 2010-10-07] () S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] () R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed] R2 Update WiseEnhance; C:\Program Files (x86)\WiseEnhance\updateWiseEnhance.exe [522528 2014-10-02] () R2 Util WiseEnhance; C:\Program Files (x86)\WiseEnhance\bin\utilWiseEnhance.exe [522528 2014-10-02] () S2 CxAudMsg; C:\Windows\system32\CxAudMsg64.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON) S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) R1 {2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64; C:\Windows\System32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64.sys [61120 2014-04-24] (StdLib) R1 {2c976a7f-dbdc-4756-870f-f6d183fe7a7e}w64; C:\Windows\System32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}w64.sys [61120 2014-06-18] (StdLib) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-10-03 00:31 - 2014-10-03 00:32 - 00015887 _____ () C:\Users\Jennefa\Downloads\FRST.txt 2014-10-03 00:30 - 2014-10-03 00:31 - 00000000 ____D () C:\FRST 2014-10-03 00:30 - 2014-10-03 00:30 - 02109440 _____ (Farbar) C:\Users\Jennefa\Downloads\FRST64.exe 2014-10-02 19:42 - 2014-09-30 16:29 - 00770384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll 2014-10-02 19:41 - 2014-10-02 19:41 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-09-30 19:12 - 2014-10-02 19:39 - 00000000 ____D () C:\Users\Jennefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Awakening - Der Wald der roten Blaetter 2014-09-30 19:12 - 2014-10-02 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Awakening - Der Wald der roten Blaetter 2014-09-30 19:12 - 2014-09-30 19:13 - 00000000 ____D () C:\Program Files (x86)\Awakening - Der Wald der roten Blaetter 2014-09-30 19:01 - 2014-09-30 19:01 - 00002101 _____ () C:\Users\Jennefa\Downloads\bfg_receipt_221211178.txt 2014-09-30 18:58 - 2014-09-30 18:59 - 00237568 _____ (Big Fish Games) C:\Users\Jennefa\Downloads\bigfishgames_p221211178_s2_l2.exe 2014-09-13 01:18 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-09-13 01:18 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-09-13 01:18 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-09-13 01:18 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-09-13 01:18 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-09-13 01:18 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-09-13 01:18 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-09-13 01:18 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) 
C:\Windows\system32\jscript9.dll 2014-09-13 01:18 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-09-13 01:18 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-09-13 01:18 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-09-13 01:18 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-09-13 01:18 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-09-13 01:18 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-09-13 01:18 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-09-13 01:18 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-09-13 01:18 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-09-13 01:18 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-09-13 01:18 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-09-13 01:18 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-09-13 01:18 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-09-13 01:18 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-09-13 01:18 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-09-13 01:18 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-09-13 01:18 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-09-13 01:18 - 2014-08-18 23:44 - 00061952 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-13 01:18 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-09-13 01:18 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-09-13 01:18 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-09-13 01:18 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-09-13 01:18 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-09-13 01:18 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-09-13 01:18 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-09-13 01:18 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-09-13 01:18 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-09-13 01:18 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-09-13 01:18 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-09-13 01:18 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-09-13 01:18 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-09-13 01:18 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-09-13 01:18 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-09-13 01:18 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-13 01:18 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-09-13 01:18 - 2014-08-18 23:17 - 00243200 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-09-13 01:18 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-09-13 01:18 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-09-13 01:18 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-09-13 01:18 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-09-13 01:18 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-09-13 01:18 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-09-13 01:18 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-13 01:18 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-09-13 01:18 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-09-13 01:18 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-09-13 01:18 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-09-13 01:18 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-09-13 01:08 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-09-13 01:08 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-09-12 23:02 - 2014-09-12 23:02 - 00385520 _____ () C:\Users\Jennefa\Downloads\MediaPlayerClassic_RocketFuelInstaller (2).exe 2014-09-12 22:09 - 2014-09-12 22:09 - 00385520 _____ () C:\Users\Jennefa\Downloads\MediaPlayerClassic_RocketFuelInstaller (1).exe 2014-09-12 17:54 - 2014-09-12 17:54 - 00385520 _____ () C:\Users\Jennefa\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe 2014-09-12 
16:44 - 2014-09-12 16:44 - 01344680 _____ () C:\Users\Jennefa\Downloads\Player.exe 2014-09-12 14:04 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-09-12 14:04 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-09-12 14:04 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-09-12 14:04 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-09-12 14:03 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-09-12 14:03 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-09-12 14:03 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-09-12 14:03 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-09-12 14:03 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-09-12 14:03 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-09-12 14:03 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-10-03 00:27 - 2013-02-03 00:36 - 01793185 _____ () C:\Windows\WindowsUpdate.log 2014-10-02 23:48 - 2014-04-28 23:42 - 00000000 ____D () C:\Program Files (x86)\WiseEnhance 2014-10-02 23:48 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini 2014-10-02 23:35 - 2013-02-03 00:39 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-02 19:48 - 2009-07-14 06:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-02 19:48 - 2009-07-14 06:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-02 19:41 - 2013-02-18 02:56 - 00000000 ____D () C:\Users\Jennefa\Desktop\BigFishGames 2014-10-02 19:41 - 2013-02-03 00:39 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-02 19:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-02 19:40 - 2009-07-14 06:51 - 00142864 _____ () C:\Windows\setupact.log 2014-10-02 19:39 - 2013-08-04 03:34 - 00000000 ____D () C:\BigFishCache 2014-10-02 19:39 - 2013-02-03 15:18 - 00000000 __RHD () C:\MSOCache 2014-10-02 19:39 - 2013-02-03 15:13 - 00000000 ____D () C:\Users\Jennefa\AppData\Roaming\SoftGrid Client 2014-10-02 19:39 - 2013-02-03 00:46 - 00000000 ____D () C:\Users\Jennefa 2014-10-02 19:39 - 2010-11-21 09:16 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-10-02 19:39 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-10-02 19:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing 2014-10-02 19:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-10-02 19:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-09-30 20:11 - 2011-03-15 00:27 - 00000000 ____D () C:\ProgramData\Temp 2014-09-30 19:14 - 2013-04-09 18:25 - 00000000 ____D () C:\Users\Jennefa\AppData\Roaming\Boomzap 2014-09-30 19:01 - 2013-05-27 22:28 - 00002023 _____ 
() C:\Users\Public\Desktop\Adobe Reader X.lnk 2014-09-30 19:01 - 2011-06-28 21:31 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2014-09-30 18:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy 2014-09-21 14:20 - 2014-07-27 02:11 - 00000000 ____D () C:\Users\Jennefa\AppData\Local\Windows Live 2014-09-15 09:06 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-09-13 01:17 - 2013-02-03 15:12 - 01596516 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-09-13 01:17 - 2011-02-10 21:25 - 00700134 _____ () C:\Windows\system32\perfh007.dat 2014-09-13 01:17 - 2011-02-10 21:25 - 00149984 _____ () C:\Windows\system32\perfc007.dat 2014-09-13 01:16 - 2013-08-15 01:21 - 00000000 ____D () C:\Windows\system32\MRT 2014-09-13 01:16 - 2009-07-14 07:13 - 01596516 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-13 01:09 - 2011-02-10 22:56 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-09-13 01:08 - 2014-05-02 19:07 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-09-05 18:08 - 2013-03-10 16:06 - 00000000 ____D () C:\Users\Jennefa\AppData\Roaming\Blue Tea Games Some content of TEMP: ==================== C:\Users\Jennefa\AppData\Local\Temp\bfguni.exe C:\Users\Jennefa\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxfpexa.dll C:\Users\Jennefa\AppData\Local\Temp\OfficeSetup.exe C:\Users\Jennefa\AppData\Local\Temp\tempmessage.bfg ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-01 19:30 ==================== End Of Log ============================ --- --- --- --- --- --- --- --- --- and here is the additional file as well ... Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2014 Ran by Jennefa at 2014-10-03 00:32:54 Running from C:\Users\Jennefa\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 3D Mahjong Deluxe (HKLM-x32\...\BFG-3D Mahjong Deluxe) (Version: - ) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 2.7.0.19530 - Adobe Systems Incorporated) Hidden Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.181.14 - Adobe Systems Incorporated) Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.202 - Adobe Systems Incorporated) Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated) Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.8.1217.36096 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.8.1217.36096 - Alcor Micro Corp.) Hidden Amazing Pyramids (HKLM-x32\...\BFG-Amazing Pyramids) (Version: - ) Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC) Amazon MP3-Downloader 1.0.18 (HKCU\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC) AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.) 
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.35 - Atheros Communications Inc.) Avalon Legends Solitaire (HKLM-x32\...\BFG-Avalon Legends Solitaire) (Version: - ) Awakening 2: Der Mondenwald (HKLM-x32\...\BFG-Awakening 2 - Der Mondenwald) (Version: - ) Awakening: Das Himmelsschloss (HKLM-x32\...\BFG-Awakening - Das Himmelsschloss) (Version: - ) Awakening: Das Königreich der Kobolde (HKLM-x32\...\BFG-Awakening - Das Koenigreich der Kobolde) (Version: - ) Awakening: Der Sonnenspitzturm Sammleredition (HKLM-x32\...\BFG-Awakening - Der Sonnenspitzturm Sammleredition) (Version: - ) Awakening: Der Wald der roten Blätter (HKLM-x32\...\BFG-Awakening - Der Wald der roten Blaetter) (Version: - ) Awakening: Schloss ohne Träume (HKLM-x32\...\BFG-Awakening - Schloss ohne Traeume) (Version: - ) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - ) Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version: - Alactro LLC) <==== ATTENTION Cadenza: Musik, Betrug und Tod (HKLM-x32\...\BFG-Cadenza - Musik, Betrug und Tod) (Version: - ) Christmas Stories: Eine Weihnachtsgeschichte (HKLM-x32\...\BFG-Christmas Stories - Eine Weihnachtsgeschichte) (Version: - ) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.14.50 - Conexant) Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation) Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation) Criminal Minds (HKLM-x32\...\BFG-Criminal Minds) (Version: - ) CyberLink LabelPrint 
(HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.) CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.) CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.) Hidden CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.) CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.) CyberLink PowerRecover (x32 Version: 5.5.4125 - CyberLink Corp.) Hidden CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4013 - CyberLink Corp.) CyberLink YouCam (x32 Version: 3.1.4013 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dark Parables: Der Fluch des Froschkönigs (HKLM-x32\...\BFG-Dark Parables - Der Fluch des Froschkoenigs) (Version: - ) Dark Parables: Der Orden der Rotkäppchen (HKLM-x32\...\BFG-Dark Parables - Der Orden der Rotkaeppchen) (Version: - ) Dark Parables: Die letzte Cinderella (HKLM-x32\...\BFG-Dark Parables - Die letzte Cinderella) (Version: - ) Dark Parables: Dornröschens Fluch (HKLM-x32\...\BFG-Dark Parables - Dornroeschens Fluch) (Version: - ) Dark Parables: Jack und das Königreich der Lüfte Sammleredition (HKLM-x32\...\BFG-Dark Parables - Jack und das Koenigreich der Luefte Sammleredition) (Version: - ) Dark Parables: Rise of the Snow Queen (HKLM-x32\...\BFG-Dark Parables - Rise of the Snow Queen) (Version: - ) DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 2.4.2.13 - INTENIUM GmbH) Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.4 - Dolby Laboratories Inc) Dream Hills: Gestohlene Magie 
(HKLM-x32\...\BFG-Dream Hills - Gestohlene Magie) (Version: - ) Farm Frenzy 2 (HKLM-x32\...\BFG-Farm Frenzy 2) (Version: - ) Farm Frenzy: Helden der Wikinger (HKLM-x32\...\BFG-Farm Frenzy - Helden der Wikinger) (Version: - ) Feenzauber (HKLM-x32\...\Feenzauber) (Version: 0.0.0.0 - INTENIUM GmbH) Finger Sensing Pad Driver (HKLM\...\{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}) (Version: 8.8.0.5 - Sentelic) Fiona Finch and the Finest Flowers (HKLM-x32\...\BFG-Fiona Finch and the Finest Flowers) (Version: - ) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) 
Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of Hellas 2: Olympia (HKLM-x32\...\BFG-Heroes of Hellas 2 - Olympia) (Version: - ) Heroes of Hellas 3: Athen (HKLM-x32\...\BFG-Heroes of Hellas 3 - Athen) (Version: - ) Intel PROSet Wireless (Version: - ) Hidden Intel PROSet Wireless (x32 Version: - ) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2321 - Intel Corporation) Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation) Java Auto Updater (x32 Version: 2.0.5.1 - Sun Microsystems, Inc.) Hidden Java(TM) 6 Update 26 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416026FF}) (Version: 6.0.260 - Oracle) Java(TM) 6 Update 26 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation) Luxor 3 (HKLM-x32\...\BFG-Luxor 3) (Version: - ) Luxor Adventures (HKLM-x32\...\BFG-Luxor Adventures) (Version: - ) Mahjongg Artifacts (HKLM-x32\...\BFG-Mahjongg Artifacts) (Version: - ) Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2608 - CyberLink Corp.) Medion Home Cinema (x32 Version: 8.0.2608 - CyberLink Corp.) 
Hidden Mein Königreich für die Prinzessin (HKLM-x32\...\BFG-Mein Koenigreich fuer die Prinzessin) (Version: - ) Mein Landleben (HKLM-x32\...\BFG-Mein Landleben) (Version: - ) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) 
(Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) MOAI: Erschaffe deinen Traum (HKLM-x32\...\BFG-MOAI - Erschaffe deinen Traum) (Version: - ) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Mystic Inn (HKLM-x32\...\BFG-Mystic Inn) (Version: - ) Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.081 - Deutsche Telekom AG) Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden Open Office Packages (HKCU\...\Open Office Packages) (Version: - ) <==== ATTENTION OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation) Pflanzen gegen Zombies (HKLM-x32\...\BFG-Pflanzen gegen Zombies) (Version: - ) PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0032 - Pegatron Corporation) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Ranch Rush (HKLM-x32\...\BFG-Ranch Rush) (Version: - ) Ranch Rush 2: Sara's Island Experiment (HKLM-x32\...\BFG-Ranch Rush 2 - Sara's Island Experiment) (Version: - ) Reincarnations: das Erwachen (HKLM-x32\...\BFG-Reincarnations - das Erwachen) (Version: - ) 
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden Royal Envoy (HKLM-x32\...\BFG-Royal Envoy) (Version: - ) Royal Envoy 2 (HKLM-x32\...\BFG-Royal Envoy 2) (Version: - ) Royal Envoy: Campaign for the Crown (HKLM-x32\...\BFG-Royal Envoy - Campaign for the Crown) (Version: - ) Sally's Salon (HKLM-x32\...\BFG-Sally's Salon) (Version: - ) Sally's Spa (HKLM-x32\...\BFG-Sally's Spa) (Version: - ) Sally's Studio (HKLM-x32\...\BFG-Sally's Studio) (Version: - ) Schätze der geheimnisvollen Insel (HKLM-x32\...\BFG-Schaetze der geheimnisvollen Insel) (Version: - ) Schätze der geheimnisvollen Insel: Das Geisterschiff (HKLM-x32\...\BFG-Schaetze der geheimnisvollen Insel - Das Geisterschiff) (Version: - ) Schätze der geheimnisvollen Insel: Die Tore des Schicksals (HKLM-x32\...\BFG-Schaetze der geheimnisvollen Insel - Die Tore des Schicksals) (Version: - ) Shangri La 2: Das Tal der Worte (HKLM-x32\...\Shangri La 2: Das Tal der Worte) (Version: 0.0.0.0 - INTENIUM GmbH) Snark Busters: Jetzt mit Vollgas (HKLM-x32\...\BFG-Snark Busters - Jetzt mit Vollgas) (Version: - ) Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated) StormFall (HKCU\...\StormFall) (Version: - StormFall) Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation) VR-pulse Installer (HKLM\...\{D3836C5E-6824-4C9F-9B45-09C989B13EF6}) (Version: 1.5.2.0 - American Megatrends Inc.) 
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft 
Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WiseEnhance (HKLM\...\WiseEnhance) (Version: 2014.04.28.185343 - WiseEnhance) <==== ATTENTION World Mosaics (HKLM-x32\...\BFG-World Mosaics) (Version: - ) World Mosaics 2 (HKLM-x32\...\BFG-World Mosaics 2) (Version: - ) World Mosaics 3 - Fairy Tales (HKLM-x32\...\BFG-World Mosaics 3 - Fairy Tales) (Version: - ) World Mosaics 5 (HKLM-x32\...\BFG-World Mosaics 5) (Version: - ) World Mosaics 6 (HKLM-x32\...\BFG-World Mosaics 6) (Version: - ) World Mosaics 7 (HKLM-x32\...\BFG-World Mosaics 7) (Version: - ) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard 
Entertainment) World Riddles: Animals (HKLM-x32\...\BFG-World Riddles - Animals) (Version: - ) World Riddles: Secrets of the Ages (HKLM-x32\...\BFG-World Riddles - Secrets of the Ages) (Version: - ) World Riddles: Seven Wonders (HKLM-x32\...\BFG-World Riddles - Seven Wonders) (Version: - ) Zamaja (HKLM-x32\...\Zamaja) (Version: 0.0.0.0 - INTENIUM GmbH) Zokk Bloxx Special (HKLM-x32\...\Zokk Bloxx Special) (Version: - ) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-610939652-828115785-2253814009-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jennefa\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File CustomCLSID: HKU\S-1-5-21-610939652-828115785-2253814009-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Jennefa\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-610939652-828115785-2253814009-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Jennefa\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-610939652-828115785-2253814009-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Jennefa\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-610939652-828115785-2253814009-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Jennefa\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-610939652-828115785-2253814009-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Jennefa\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 05-09-2014 15:49:04 Windows Update 12-09-2014 12:01:24 Windows Update 12-09-2014 23:08:00 Windows Update 21-09-2014 12:15:02 Windows Update 30-09-2014 17:08:02 Windows Update 30-09-2014 18:11:40 Windows Update 02-10-2014 15:50:09 Windows Defender Checkpoint 02-10-2014 17:36:51 Wiederherstellungsvorgang ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {7C1C0E21-A2D1-4EF9-A1E7-8CB66717FC35} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-03] (Google Inc.) Task: {FBA6FB56-6855-4CCB-8AEA-D29FBC4F7653} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-03] (Google Inc.) 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-07-18 18:48 - 2009-12-19 00:40 - 00104968 ____R () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe 2011-05-02 22:41 - 2011-05-02 22:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2011-07-18 18:48 - 2010-10-07 02:46 - 00159752 ____R () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe 2011-07-18 18:47 - 2010-01-13 02:36 - 00117256 ____R () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe 2011-07-18 18:48 - 2010-01-13 02:36 - 00121864 ____R () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe 2011-07-18 18:48 - 2010-12-01 20:36 - 00589320 ____R () C:\Program Files (x86)\PHotkey\PVDesktop.exe 2011-07-18 18:48 - 2010-12-01 20:37 - 00462344 ____R () C:\Program Files (x86)\PHotkey\PVDAgent.exe 2011-05-02 22:41 - 2011-05-02 22:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll 2011-07-18 19:54 - 2010-11-08 15:50 - 00044032 _____ () C:\Program Files\FSP\KbdHook.dll 2011-07-18 19:54 - 2010-11-08 15:51 - 00070656 _____ () C:\Program Files\FSP\FspLib.dll 2011-07-18 18:12 - 2011-03-06 21:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-05-22 20:50 - 2013-05-22 20:50 - 00400704 _____ () C:\Users\Jennefa\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe 2013-12-20 22:39 - 2014-03-07 22:39 - 03168576 _____ () C:\Users\Jennefa\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe 2014-04-28 20:53 - 2014-10-02 23:45 - 00522528 _____ () C:\Program Files (x86)\WiseEnhance\updateWiseEnhance.exe 2014-04-29 23:14 - 2014-10-02 23:48 - 00522528 _____ () C:\Program Files (x86)\WiseEnhance\bin\utilWiseEnhance.exe 2014-04-29 23:44 - 2014-10-02 18:21 - 00098592 _____ () C:\Program Files 
(x86)\WiseEnhance\bin\WiseEnhance.BrowserAdapter.exe 2014-09-05 17:42 - 2014-10-02 18:21 - 00114976 _____ () C:\Program Files (x86)\WiseEnhance\bin\WiseEnhance.BrowserAdapter64.exe 2014-04-29 23:44 - 2014-10-02 09:20 - 00349984 _____ () C:\Program Files (x86)\WiseEnhance\bin\WiseEnhance.PurBrowse64.exe 2014-10-02 19:42 - 2014-10-02 13:54 - 00161056 _____ () C:\Program Files (x86)\WiseEnhance\bin\WiseEnhance.BRT.Helper.exe 2014-09-13 20:44 - 2014-10-02 00:33 - 01649952 _____ () C:\Program Files (x86)\WiseEnhance\bin\WiseEnhance.BOASHelper.exe 2014-09-13 20:44 - 2014-10-02 00:33 - 01786656 _____ () C:\Program Files (x86)\WiseEnhance\bin\WiseEnhance.BOASPRT.exe 2014-09-13 20:44 - 2014-10-02 00:33 - 01791264 _____ () C:\Program Files (x86)\WiseEnhance\bin\WiseEnhance.BOAS.exe 2011-07-18 18:48 - 2009-12-19 00:36 - 00973432 ____R () C:\Program Files (x86)\PHotkey\acAuth.dll 2011-07-18 18:48 - 2009-12-19 00:41 - 00129544 ____R () C:\Program Files (x86)\PHotkey\GFNEX.dll 2010-08-04 00:39 - 2010-08-04 00:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2010-08-04 00:39 - 2010-08-04 00:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2011-07-18 18:18 - 2010-11-06 08:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2014-09-12 13:53 - 2014-10-02 23:48 - 00398112 _____ () C:\Program Files (x86)\WiseEnhance\bin\WiseEnhance.BrowserFilter.Helper.dll 2014-08-25 20:19 - 2014-10-02 18:21 - 00195360 _____ () C:\Program Files (x86)\WiseEnhance\bin\2c976a7fdbdc4756870f.dll 2014-06-06 16:41 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll 2014-06-06 16:41 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll 2014-06-06 16:41 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll 
2014-07-13 21:23 - 2014-07-08 08:18 - 14663856 _____ () C:\Users\Jennefa\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll 2014-06-06 16:41 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll 2014-06-06 16:41 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-610939652-828115785-2253814009-500 - Administrator - Disabled) Gast (S-1-5-21-610939652-828115785-2253814009-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-610939652-828115785-2253814009-1002 - Limited - Enabled) Jennefa (S-1-5-21-610939652-828115785-2253814009-1000 - Administrator - Enabled) => C:\Users\Jennefa ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (10/02/2014 05:50:09 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . 
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {b1988bce-a43e-4042-a55c-133e9038c521} Error: (10/02/2014 05:31:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: DUser.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdf26 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000057ce ID des fehlerhaften Prozesses: 0xc3c Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0 Pfad der fehlerhaften Anwendung: Explorer.EXE1 Pfad des fehlerhaften Moduls: Explorer.EXE2 Berichtskennung: Explorer.EXE3 Error: (09/30/2014 07:00:04 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm bfgclient.exe, Version 3.3.0.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 17e0 Startzeit: 01cfdccfdbf9c39e Endzeit: 14 Anwendungspfad: C:\Program Files (x86)\bfgclient\bfgclient.exe Berichts-ID: 34b52fa5-48c3-11e4-90ba-386077d17015 Error: (08/29/2014 00:42:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: bfgclient.exe, Version: 3.3.0.2, Zeitstempel: 0x53179a91 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000222d2 ID des fehlerhaften Prozesses: 0x1a04 Startzeit der fehlerhaften Anwendung: 0xbfgclient.exe0 Pfad der fehlerhaften Anwendung: bfgclient.exe1 Pfad des fehlerhaften Moduls: bfgclient.exe2 Berichtskennung: bfgclient.exe3 Error: (08/29/2014 04:50:20 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: bfgclient.exe, Version: 3.3.0.2, Zeitstempel: 0x53179a91 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000222d2 ID des fehlerhaften Prozesses: 0x1308 Startzeit der fehlerhaften Anwendung: 0xbfgclient.exe0 Pfad der fehlerhaften Anwendung: bfgclient.exe1 Pfad des fehlerhaften Moduls: bfgclient.exe2 Berichtskennung: bfgclient.exe3 Error: (08/29/2014 04:01:28 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: bfgclient.exe, Version: 3.3.0.2, Zeitstempel: 0x53179a91 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000222d2 ID des fehlerhaften Prozesses: 0x13dc Startzeit der fehlerhaften Anwendung: 0xbfgclient.exe0 Pfad der fehlerhaften Anwendung: bfgclient.exe1 Pfad des fehlerhaften Moduls: bfgclient.exe2 Berichtskennung: bfgclient.exe3 Error: (08/27/2014 00:36:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: bfgclient.exe, Version: 3.3.0.2, Zeitstempel: 0x53179a91 
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000222d2 ID des fehlerhaften Prozesses: 0xb44 Startzeit der fehlerhaften Anwendung: 0xbfgclient.exe0 Pfad der fehlerhaften Anwendung: bfgclient.exe1 Pfad des fehlerhaften Moduls: bfgclient.exe2 Berichtskennung: bfgclient.exe3 Error: (08/27/2014 08:31:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: GPlayer.exe, Version: 2.4.2.13, Zeitstempel: 0x53c64eed Name des fehlerhaften Moduls: GPlayer.exe, Version: 2.4.2.13, Zeitstempel: 0x53c64eed Ausnahmecode: 0x40000015 Fehleroffset: 0x000ca0f8 ID des fehlerhaften Prozesses: 0x1010 Startzeit der fehlerhaften Anwendung: 0xGPlayer.exe0 Pfad der fehlerhaften Anwendung: GPlayer.exe1 Pfad des fehlerhaften Moduls: GPlayer.exe2 Berichtskennung: GPlayer.exe3 Error: (08/27/2014 06:08:08 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Zamaja.exe, Version: 1.0.6.822, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: Zamaja.exe, Version: 1.0.6.822, Zeitstempel: 0x2a425e19 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000023b4 ID des fehlerhaften Prozesses: 0x44c Startzeit der fehlerhaften Anwendung: 0xZamaja.exe0 Pfad der fehlerhaften Anwendung: Zamaja.exe1 Pfad des fehlerhaften Moduls: Zamaja.exe2 Berichtskennung: Zamaja.exe3 Error: (08/27/2014 04:45:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: bfgclient.exe, Version: 3.3.0.2, Zeitstempel: 0x53179a91 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000222d2 ID des fehlerhaften Prozesses: 0x1750 Startzeit der fehlerhaften Anwendung: 0xbfgclient.exe0 Pfad der fehlerhaften Anwendung: bfgclient.exe1 Pfad des fehlerhaften Moduls: bfgclient.exe2 Berichtskennung: bfgclient.exe3 System errors: ============= Error: 
(10/02/2014 11:48:58 PM) (Source: DCOM) (EventID: 10016) (User: Jennefa-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Jennefa-PCJennefaS-1-5-21-610939652-828115785-2253814009-1000LocalHost (unter Verwendung von LRPC) Error: (10/02/2014 11:04:45 PM) (Source: DCOM) (EventID: 10016) (User: Jennefa-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Jennefa-PCJennefaS-1-5-21-610939652-828115785-2253814009-1000LocalHost (unter Verwendung von LRPC) Error: (10/02/2014 10:57:21 PM) (Source: DCOM) (EventID: 10016) (User: Jennefa-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Jennefa-PCJennefaS-1-5-21-610939652-828115785-2253814009-1000LocalHost (unter Verwendung von LRPC) Error: (10/02/2014 10:29:10 PM) (Source: DCOM) (EventID: 10016) (User: Jennefa-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Jennefa-PCJennefaS-1-5-21-610939652-828115785-2253814009-1000LocalHost (unter Verwendung von LRPC) Error: (10/02/2014 08:35:03 PM) (Source: DCOM) (EventID: 10016) (User: Jennefa-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Jennefa-PCJennefaS-1-5-21-610939652-828115785-2253814009-1000LocalHost (unter Verwendung von LRPC) Error: (10/02/2014 07:40:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CxAudMsg" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (10/02/2014 07:35:44 PM) (Source: DCOM) (EventID: 10016) (User: Jennefa-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Jennefa-PCJennefaS-1-5-21-610939652-828115785-2253814009-1000LocalHost (unter Verwendung von LRPC) Error: 
(10/02/2014 07:12:47 PM) (Source: DCOM) (EventID: 10016) (User: Jennefa-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Jennefa-PCJennefaS-1-5-21-610939652-828115785-2253814009-1000LocalHost (unter Verwendung von LRPC) Error: (10/02/2014 07:11:48 PM) (Source: DCOM) (EventID: 10016) (User: Jennefa-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Jennefa-PCJennefaS-1-5-21-610939652-828115785-2253814009-1000LocalHost (unter Verwendung von LRPC) Error: (10/02/2014 06:58:16 PM) (Source: DCOM) (EventID: 10016) (User: Jennefa-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Jennefa-PCJennefaS-1-5-21-610939652-828115785-2253814009-1000LocalHost (unter Verwendung von LRPC) Microsoft Office Sessions: ========================= Error: (10/02/2014 05:50:09 PM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005, Zugriff verweigert Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {b1988bce-a43e-4042-a55c-133e9038c521} Error: (10/02/2014 05:31:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.1.7601.175674d672ee4DUser.dll6.1.7600.163854a5bdf26c000000500000000000057cec3c01cfde3a41f4b5f8C:\Windows\Explorer.EXEC:\Windows\system32\DUser.dll310b6192-4a49-11e4-853f-386077d17015 Error: (09/30/2014 07:00:04 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: bfgclient.exe3.3.0.217e001cfdccfdbf9c39e14C:\Program Files (x86)\bfgclient\bfgclient.exe34b52fa5-48c3-11e4-90ba-386077d17015 Error: (08/29/2014 00:42:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: bfgclient.exe3.3.0.253179a91ntdll.dll6.1.7601.18247521ea8e7c0000005000222d21a0401cfc37541c83e5aC:\Program Files 
(x86)\bfgclient\bfgclient.exeC:\Windows\SysWOW64\ntdll.dll340d3287-2f69-11e4-be0a-386077d17015 Error: (08/29/2014 04:50:20 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: bfgclient.exe3.3.0.253179a91ntdll.dll6.1.7601.18247521ea8e7c0000005000222d2130801cfc33344e29deeC:\Program Files (x86)\bfgclient\bfgclient.exeC:\Windows\SysWOW64\ntdll.dll36e6dea8-2f27-11e4-be0a-386077d17015 Error: (08/29/2014 04:01:28 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: bfgclient.exe3.3.0.253179a91ntdll.dll6.1.7601.18247521ea8e7c0000005000222d213dc01cfc32c6a477ba3C:\Program Files (x86)\bfgclient\bfgclient.exeC:\Windows\SysWOW64\ntdll.dll62fffd6e-2f20-11e4-be0a-386077d17015 Error: (08/27/2014 00:36:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: bfgclient.exe3.3.0.253179a91ntdll.dll6.1.7601.18247521ea8e7c0000005000222d2b4401cfc1e21bdab481C:\Program Files (x86)\bfgclient\bfgclient.exeC:\Windows\SysWOW64\ntdll.dll0e315c30-2dd6-11e4-b837-386077d17015 Error: (08/27/2014 08:31:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: GPlayer.exe2.4.2.1353c64eedGPlayer.exe2.4.2.1353c64eed40000015000ca0f8101001cfc1c08f600a62C:\Program Files (x86)\OXXOGames\GPlayer\GPlayer.exeC:\Program Files (x86)\OXXOGames\GPlayer\GPlayer.execefa9977-2db3-11e4-9243-386077d17015 Error: (08/27/2014 06:08:08 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Zamaja.exe1.0.6.8222a425e19Zamaja.exe1.0.6.8222a425e19c0000005000023b444c01cfc1a6d69b392eC:\Program Files (x86)\DEUTSCHLAND SPIELT\Zamaja\Zamaja.exeC:\Program Files (x86)\DEUTSCHLAND SPIELT\Zamaja\Zamaja.exec074c70d-2d9f-11e4-9243-386077d17015 Error: (08/27/2014 04:45:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: bfgclient.exe3.3.0.253179a91ntdll.dll6.1.7601.18247521ea8e7c0000005000222d2175001cfc19fbb038c5aC:\Program Files (x86)\bfgclient\bfgclient.exeC:\Windows\SysWOW64\ntdll.dll457f6c08-2d94-11e4-9243-386077d17015 
==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU B950 @ 2.10GHz Percentage of memory in use: 42% Total physical RAM: 6055.13 MB Available physical RAM: 3453.54 MB Total Pagefile: 12108.43 MB Available Pagefile: 9381.15 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (Boot) (Fixed) (Total:645.54 GB) (Free:543.22 GB) NTFS Drive d: (Recover) (Fixed) (Total:50 GB) (Free:29.9 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: AF94AF94) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=645.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=52 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=1 GB) - (Type=12) ==================== End Of Log ============================ |
03.10.2014, 20:26 | #4 |
Rest in peace † 2019 | Windows 7 / Chrome - New tabs open by themselves

Hello, have you changed your password on Facebook? If not, please do so.

Step 1
Please uninstall the following programs (if present):
Buzzdock
Java(TM) 6 Update 26
Java(TM) 6 Update 26
Open Office Packages
WiseEnhance
To do this, go to: the Windows button in the taskbar --> Control Panel --> Programs (sub-item "Uninstall a program") --> select the program --> remove.
If you cannot uninstall a program, download Revo Uninstaller from here and uninstall it with that, choosing the moderate mode.

Step 2
Please download AdwCleaner to your desktop.

Step 2
Please download Malwarebytes Anti-Malware.

Step 3
Run FRST once more.
|
03.10.2014, 21:26 | #5 |
| Windows 7 / Chrome - New tabs open by themselves Hello Sandra, I hope it's OK if I do one thing at a time and post as I go... I changed the Facebook password on the same day it happened. It hasn't happened again since then, but when new tabs open unprompted, Facebook is among them now and then... no idea. So here, for a start, is the AdwCleaner log file; the rest will follow. Code:
# AdwCleaner v3.311 - Bericht erstellt am 03/10/2014 um 21:44:45
# Aktualisiert 30/09/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Jennefa - JENNEFA-PC
# Gestartet von : C:\Users\Jennefa\Downloads\AdwCleaner_3.311.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : {2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64
Dienst Gelöscht : {2c976a7f-dbdc-4756-870f-f6d183fe7a7e}w64

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Partner
[#] Ordner Gelöscht : C:\ProgramData\Alawar Stargaze
Ordner Gelöscht : C:\ProgramData\QuueenCoupOn
Ordner Gelöscht : C:\Program Files (x86)\QuueenCoupOn
Ordner Gelöscht : C:\Users\Jennefa\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Jennefa\AppData\Local\Temp\WiseEnhance
Ordner Gelöscht : C:\Users\Jennefa\AppData\Roaming\Alawar Stargaze
Datei Gelöscht : C:\Windows\System32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64.sys
Datei Gelöscht : C:\Windows\System32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}w64.sys
Datei Gelöscht : C:\Users\Jennefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage
Datei Gelöscht : C:\Users\Jennefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Jennefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Jennefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\ejocekekgcaldnmjngfdbmbeebcekelc
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ejocekekgcaldnmjngfdbmbeebcekelc
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\ejocekekgcaldnmjngfdbmbeebcekelc
Schlüssel Gelöscht : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\QuueeenCoupon.QuueeenCoupon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\QuueeenCoupon.QuueeenCoupon.1.4
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8E87897D-7146-3BDB-66E3-D9B8D1914586}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E87897D-7146-3BDB-66E3-D9B8D1914586}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E87897D-7146-3BDB-66E3-D9B8D1914586}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8E87897D-7146-3BDB-66E3-D9B8D1914586}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{8E87897D-7146-3BDB-66E3-D9B8D1914586}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17280

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v35.0.1916.114

[ Datei : C:\Users\Jennefa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Extension] : ejocekekgcaldnmjngfdbmbeebcekelc

*************************

AdwCleaner[R0].txt - [6729 octets] - [03/10/2014 21:43:57]
AdwCleaner[S0].txt - [5321 octets] - [03/10/2014 21:44:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5381 octets] ##########

Here is the FRST log file for now (I was able to run step 3 already anyway): FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2014 Ran by Jennefa (administrator) on JENNEFA-PC on 03-10-2014 22:19:23 Running from C:\Users\Jennefa\Downloads Loaded Profile: Jennefa (Available profiles: Jennefa) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Program Files (x86)\PHotkey\AsLdrSrv.exe () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Pegatron Corporation) C:\Program Files (x86)\PHotkey\PHotkey.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE () C:\Program Files (x86)\PHotkey\PVDesktop.exe () C:\Program Files (x86)\PHotkey\PVDAgent.exe (Pegatron Corporation) C:\Program Files (x86)\PHotkey\POsd.exe (Alcor Micro Corp.) 
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Sentelic Corporation) C:\Program Files\FSP\FspUip.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe () C:\Users\Jennefa\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe () C:\Users\Jennefa\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-22] (Alcor Micro Corp.) 
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation) HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [4055552 2010-11-08] (Sentelic Corporation) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink) HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2011-04-15] (CyberLink) HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe [228448 2011-04-15] (CyberLink Corp.) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.) 
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-610939652-828115785-2253814009-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Jennefa\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] () HKU\S-1-5-21-610939652-828115785-2253814009-1000\...\Run: [Amazon Cloud Player] => C:\Users\Jennefa\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] () HKU\S-1-5-21-610939652-828115785-2253814009-1000\...\MountPoints2: {bd562853-c1aa-11e3-91b5-386077d17015} - F:\HTC_Sync_Manager_PC.exe ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF SearchScopes: HKCU - {67B91621-8512-43BF-85CE-0365362CFE11} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites02_14_18_ch&cd=2XzuyEtN2Y1L1QzuyBzzzytBzy0CyCyDzy0AzyyDtB0EtCtBtN0D0Tzu0SzzyEzytN1L2XzutBtFtBtDtFyDtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0EtA0FtBzyyD0EtG0ByBtCtDtGtD0AyEtBtGyEyDyDyBtGyE0BtC0EyD0DtA0C0EtAtByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyDzy0D0EyE0FyBtGzy0B0C0AtG0AyEtC0CtGzyzyyC0BtGyE0FyC0B0A0D0CyDyCtC0Czz2Q&cr=817762774&ir= BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Jennefa\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.) 
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru Chrome: ======= CHR HomePage: Default -> hxxp://www.google.de/ CHR StartupUrls: Default -> "hxxp://www.google.de/" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Jennefa\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Word²) - C:\Users\Jennefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpibnckjjeaabeepofhfmmpjmnomohee [2013-02-03] CHR Extension: (Google Wallet) - C:\Users\Jennefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23] CHR Extension: (Aztec Drop) - C:\Users\Jennefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnmeglpffblgeibddiihnafkihmkleje [2013-02-03] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] () R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [159752 2010-10-07] () S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] () R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed] S2 CxAudMsg; C:\Windows\system32\CxAudMsg64.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON) S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-10-03 21:56 - 2014-10-03 22:15 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-03 21:56 - 2014-10-03 21:56 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-03 21:56 - 2014-10-03 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-10-03 21:56 - 2014-10-03 21:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-03 21:56 - 2014-10-03 21:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-10-03 21:56 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-03 21:56 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-03 21:56 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-03 21:55 - 2014-10-03 21:55 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jennefa\Downloads\mbam-setup-2.0.2.1012.exe
2014-10-03 21:44 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-10-03 21:43 - 2014-10-03 21:45 - 00000000 ____D () C:\AdwCleaner
2014-10-03 21:43 - 2014-10-03 21:43 - 01375089 _____ () C:\Users\Jennefa\Downloads\AdwCleaner_3.311.exe
2014-10-03 00:32 - 2014-10-03 00:33 - 00046747 _____ () C:\Users\Jennefa\Downloads\Addition.txt
2014-10-03 00:31 - 2014-10-03 22:20 - 00011833 _____ () C:\Users\Jennefa\Downloads\FRST.txt
2014-10-03 00:30 - 2014-10-03 22:19 - 00000000 ____D () C:\FRST
2014-10-03 00:30 - 2014-10-03 00:30 - 02109440 _____ (Farbar) C:\Users\Jennefa\Downloads\FRST64.exe
2014-10-02 19:47 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-02 19:47 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-02 19:47 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-10-02 19:47 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-10-02 19:42 - 2014-09-30 16:29 - 00770384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2014-10-02 19:41 - 2014-10-02 19:41 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-30 19:12 - 2014-10-02 19:39 - 00000000 ____D () C:\Users\Jennefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Awakening - Der Wald der roten Blaetter
2014-09-30 19:12 - 2014-10-02 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Awakening - Der Wald der roten Blaetter
2014-09-30 19:12 - 2014-09-30 19:13 - 00000000 ____D () C:\Program Files (x86)\Awakening - Der Wald der roten Blaetter
2014-09-30 19:01 - 2014-09-30 19:01 - 00002101 _____ () C:\Users\Jennefa\Downloads\bfg_receipt_221211178.txt
2014-09-30 18:58 - 2014-09-30 18:59 - 00237568 _____ (Big Fish Games) C:\Users\Jennefa\Downloads\bigfishgames_p221211178_s2_l2.exe
2014-09-13 01:18 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-13 01:18 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-13 01:18 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-13 01:18 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-13 01:18 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-13 01:18 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-13 01:18 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-13 01:18 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-13 01:18 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-13 01:18 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-13 01:18 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-13 01:18 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-13 01:18 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-13 01:18 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-13 01:18 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-13 01:18 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-13 01:18 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-13 01:18 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-13 01:18 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-13 01:18 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-13 01:18 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-13 01:18 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-13 01:18 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-13 01:18 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-13 01:18 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-13 01:18 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-13 01:18 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-13 01:18 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-13 01:18 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-13 01:18 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-13 01:18 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-13 01:18 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-13 01:18 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-13 01:18 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-13 01:18 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-13 01:18 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-13 01:18 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-13 01:18 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-13 01:18 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-13 01:18 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-13 01:18 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-13 01:18 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-13 01:18 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-13 01:18 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-13 01:18 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-13 01:18 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-13 01:18 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-13 01:18 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-13 01:18 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-13 01:18 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-13 01:18 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-13 01:18 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-13 01:18 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-13 01:18 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-13 01:18 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-13 01:18 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-13 01:08 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-13 01:08 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-12 14:04 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-12 14:04 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-12 14:04 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-12 14:04 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-12 14:03 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-12 14:03 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-12 14:03 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-12 14:03 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-12 14:03 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-12 14:03 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-12 14:03 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-03 22:18 - 2009-07-14 06:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-03 22:18 - 2009-07-14 06:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-03 22:14 - 2013-02-03 00:36 - 01971693 _____ () C:\Windows\WindowsUpdate.log
2014-10-03 22:10 - 2013-02-03 00:39 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-03 22:10 - 2010-11-21 05:47 - 00177682 _____ () C:\Windows\PFRO.log
2014-10-03 22:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-03 22:10 - 2009-07-14 06:51 - 00143032 _____ () C:\Windows\setupact.log
2014-10-03 22:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SchCache
2014-10-03 21:35 - 2013-02-03 00:39 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-03 21:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-03 20:46 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-10-02 19:41 - 2013-02-18 02:56 - 00000000 ____D () C:\Users\Jennefa\Desktop\BigFishGames
2014-10-02 19:39 - 2013-08-04 03:34 - 00000000 ____D () C:\BigFishCache
2014-10-02 19:39 - 2013-02-03 15:18 - 00000000 __RHD () C:\MSOCache
2014-10-02 19:39 - 2013-02-03 15:13 - 00000000 ____D () C:\Users\Jennefa\AppData\Roaming\SoftGrid Client
2014-10-02 19:39 - 2013-02-03 00:46 - 00000000 ____D () C:\Users\Jennefa
2014-10-02 19:39 - 2010-11-21 09:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-10-02 19:39 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-02 19:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2014-10-02 19:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-09-30 20:11 - 2011-03-15 00:27 - 00000000 ____D () C:\ProgramData\Temp
2014-09-30 19:14 - 2013-04-09 18:25 - 00000000 ____D () C:\Users\Jennefa\AppData\Roaming\Boomzap
2014-09-30 19:01 - 2013-05-27 22:28 - 00002023 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-09-30 19:01 - 2011-06-28 21:31 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-30 18:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-09-21 14:20 - 2014-07-27 02:11 - 00000000 ____D () C:\Users\Jennefa\AppData\Local\Windows Live
2014-09-15 09:06 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-13 01:17 - 2013-02-03 15:12 - 01596516 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-13 01:17 - 2011-02-10 21:25 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-09-13 01:17 - 2011-02-10 21:25 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-09-13 01:16 - 2013-08-15 01:21 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-13 01:16 - 2009-07-14 07:13 - 01596516 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-13 01:09 - 2011-02-10 22:56 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-13 01:08 - 2014-05-02 19:07 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-05 18:08 - 2013-03-10 16:06 - 00000000 ____D () C:\Users\Jennefa\AppData\Roaming\Blue Tea Games

Some content of TEMP:
====================
C:\Users\Jennefa\AppData\Local\Temp\bfguni.exe
C:\Users\Jennefa\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxfpexa.dll
C:\Users\Jennefa\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Jennefa\AppData\Local\Temp\Quarantine.exe
C:\Users\Jennefa\AppData\Local\Temp\tempmessage.bfg

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-01 19:30

==================== End Of Log ============================

--- --- ---

Aaand last but not least, the Addition file once more:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2014
Ran by Jennefa at 2014-10-03 22:20:44
Running from C:\Users\Jennefa\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3D Mahjong Deluxe (HKLM-x32\...\BFG-3D Mahjong Deluxe) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.0.19530 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.181.14 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.202 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.8.1217.36096 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.8.1217.36096 - Alcor Micro Corp.) Hidden
Amazing Pyramids (HKLM-x32\...\BFG-Amazing Pyramids) (Version: - )
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)
Amazon MP3-Downloader 1.0.18 (HKCU\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.35 - Atheros Communications Inc.)
Avalon Legends Solitaire (HKLM-x32\...\BFG-Avalon Legends Solitaire) (Version: - )
Awakening 2: Der Mondenwald (HKLM-x32\...\BFG-Awakening 2 - Der Mondenwald) (Version: - )
Awakening: Das Himmelsschloss (HKLM-x32\...\BFG-Awakening - Das Himmelsschloss) (Version: - )
Awakening: Das Königreich der Kobolde (HKLM-x32\...\BFG-Awakening - Das Koenigreich der Kobolde) (Version: - )
Awakening: Der Sonnenspitzturm Sammleredition (HKLM-x32\...\BFG-Awakening - Der Sonnenspitzturm Sammleredition) (Version: - )
Awakening: Der Wald der roten Blätter (HKLM-x32\...\BFG-Awakening - Der Wald der roten Blaetter) (Version: - )
Awakening: Schloss ohne Träume (HKLM-x32\...\BFG-Awakening - Schloss ohne Traeume) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Cadenza: Musik, Betrug und Tod (HKLM-x32\...\BFG-Cadenza - Musik, Betrug und Tod) (Version: - )
Christmas Stories: Eine Weihnachtsgeschichte (HKLM-x32\...\BFG-Christmas Stories - Eine Weihnachtsgeschichte) (Version: - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.14.50 - Conexant)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Criminal Minds (HKLM-x32\...\BFG-Criminal Minds) (Version: - )
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
CyberLink PowerRecover (x32 Version: 5.5.4125 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4013 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.1.4013 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Parables: Der Fluch des Froschkönigs (HKLM-x32\...\BFG-Dark Parables - Der Fluch des Froschkoenigs) (Version: - )
Dark Parables: Der Orden der Rotkäppchen (HKLM-x32\...\BFG-Dark Parables - Der Orden der Rotkaeppchen) (Version: - )
Dark Parables: Die letzte Cinderella (HKLM-x32\...\BFG-Dark Parables - Die letzte Cinderella) (Version: - )
Dark Parables: Dornröschens Fluch (HKLM-x32\...\BFG-Dark Parables - Dornroeschens Fluch) (Version: - )
Dark Parables: Jack und das Königreich der Lüfte Sammleredition (HKLM-x32\...\BFG-Dark Parables - Jack und das Koenigreich der Luefte Sammleredition) (Version: - )
Dark Parables: Rise of the Snow Queen (HKLM-x32\...\BFG-Dark Parables - Rise of the Snow Queen) (Version: - )
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 2.4.2.13 - INTENIUM GmbH)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
Dream Hills: Gestohlene Magie (HKLM-x32\...\BFG-Dream Hills - Gestohlene Magie) (Version: - )
Farm Frenzy 2 (HKLM-x32\...\BFG-Farm Frenzy 2) (Version: - )
Farm Frenzy: Helden der Wikinger (HKLM-x32\...\BFG-Farm Frenzy - Helden der Wikinger) (Version: - )
Feenzauber (HKLM-x32\...\Feenzauber) (Version: 0.0.0.0 - INTENIUM GmbH)
Finger Sensing Pad Driver (HKLM\...\{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}) (Version: 8.8.0.5 - Sentelic)
Fiona Finch and the Finest Flowers (HKLM-x32\...\BFG-Fiona Finch and the Finest Flowers) (Version: - )
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of Hellas 2: Olympia (HKLM-x32\...\BFG-Heroes of Hellas 2 - Olympia) (Version: - )
Heroes of Hellas 3: Athen (HKLM-x32\...\BFG-Heroes of Hellas 3 - Athen) (Version: - )
Intel PROSet Wireless (Version: - ) Hidden
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2321 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Luxor 3 (HKLM-x32\...\BFG-Luxor 3) (Version: - )
Luxor Adventures (HKLM-x32\...\BFG-Luxor Adventures) (Version: - )
Mahjongg Artifacts (HKLM-x32\...\BFG-Mahjongg Artifacts) (Version: - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2608 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2608 - CyberLink Corp.) Hidden
Mein Königreich für die Prinzessin (HKLM-x32\...\BFG-Mein Koenigreich fuer die Prinzessin) (Version: - )
Mein Landleben (HKLM-x32\...\BFG-Mein Landleben) (Version: - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MOAI: Erschaffe deinen Traum (HKLM-x32\...\BFG-MOAI - Erschaffe deinen Traum) (Version: - )
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystic Inn (HKLM-x32\...\BFG-Mystic Inn) (Version: - )
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.081 - Deutsche Telekom AG)
Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Pflanzen gegen Zombies (HKLM-x32\...\BFG-Pflanzen gegen Zombies) (Version: - )
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0032 - Pegatron Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Ranch Rush (HKLM-x32\...\BFG-Ranch Rush) (Version: - )
Ranch Rush 2: Sara's Island Experiment (HKLM-x32\...\BFG-Ranch Rush 2 - Sara's Island Experiment) (Version: - )
Reincarnations: das Erwachen (HKLM-x32\...\BFG-Reincarnations - das Erwachen) (Version: - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Royal Envoy (HKLM-x32\...\BFG-Royal Envoy) (Version: - )
Royal Envoy 2 (HKLM-x32\...\BFG-Royal Envoy 2) (Version: - )
Royal Envoy: Campaign for the Crown (HKLM-x32\...\BFG-Royal Envoy - Campaign for the Crown) (Version: - )
Sally's Salon (HKLM-x32\...\BFG-Sally's Salon) (Version: - )
Sally's Spa (HKLM-x32\...\BFG-Sally's Spa) (Version: - )
Sally's Studio (HKLM-x32\...\BFG-Sally's Studio) (Version: - )
Schätze der geheimnisvollen Insel (HKLM-x32\...\BFG-Schaetze der geheimnisvollen Insel) (Version: - )
Schätze der geheimnisvollen Insel: Das Geisterschiff (HKLM-x32\...\BFG-Schaetze der geheimnisvollen Insel - Das Geisterschiff) (Version: - )
Schätze der geheimnisvollen Insel: Die Tore des Schicksals (HKLM-x32\...\BFG-Schaetze der geheimnisvollen Insel - Die Tore des Schicksals) (Version: - )
Shangri La 2: Das Tal der Worte (HKLM-x32\...\Shangri La 2: Das Tal der Worte) (Version: 0.0.0.0 - INTENIUM GmbH)
Snark Busters: Jetzt mit Vollgas (HKLM-x32\...\BFG-Snark Busters - Jetzt mit Vollgas) (Version: - )
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
StormFall (HKCU\...\StormFall) (Version: - StormFall)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VR-pulse Installer (HKLM\...\{D3836C5E-6824-4C9F-9B45-09C989B13EF6}) (Version: 1.5.2.0 - American Megatrends Inc.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
World Mosaics (HKLM-x32\...\BFG-World Mosaics) (Version: - )
World Mosaics 2 (HKLM-x32\...\BFG-World Mosaics 2) (Version: - )
World Mosaics 3 - Fairy Tales (HKLM-x32\...\BFG-World Mosaics 3 - Fairy Tales) (Version: - )
World Mosaics 5 (HKLM-x32\...\BFG-World Mosaics 5) (Version: - )
World Mosaics 6 (HKLM-x32\...\BFG-World Mosaics 6) (Version: - )
World Mosaics 7 (HKLM-x32\...\BFG-World Mosaics 7) (Version: - )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World Riddles: Animals (HKLM-x32\...\BFG-World Riddles - Animals) (Version: - )
World Riddles: Secrets of the Ages (HKLM-x32\...\BFG-World Riddles - Secrets of the Ages) (Version: - ) World Riddles: Seven Wonders (HKLM-x32\...\BFG-World Riddles - Seven Wonders) (Version: - ) Zamaja (HKLM-x32\...\Zamaja) (Version: 0.0.0.0 - INTENIUM GmbH) Zokk Bloxx Special (HKLM-x32\...\Zokk Bloxx Special) (Version: - ) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-610939652-828115785-2253814009-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jennefa\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File CustomCLSID: HKU\S-1-5-21-610939652-828115785-2253814009-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Jennefa\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-610939652-828115785-2253814009-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Jennefa\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-610939652-828115785-2253814009-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Jennefa\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-610939652-828115785-2253814009-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Jennefa\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-610939652-828115785-2253814009-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> 
C:\Users\Jennefa\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 05-09-2014 15:49:04 Windows Update 12-09-2014 12:01:24 Windows Update 12-09-2014 23:08:00 Windows Update 21-09-2014 12:15:02 Windows Update 30-09-2014 17:08:02 Windows Update 30-09-2014 18:11:40 Windows Update 02-10-2014 15:50:09 Windows Defender Checkpoint 02-10-2014 17:36:51 Wiederherstellungsvorgang 03-10-2014 00:27:18 Windows Update 03-10-2014 19:40:59 Removed Java(TM) 6 Update 26 03-10-2014 19:41:42 Removed Java(TM) 6 Update 26 (64-bit) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {7C1C0E21-A2D1-4EF9-A1E7-8CB66717FC35} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-03] (Google Inc.) Task: {FBA6FB56-6855-4CCB-8AEA-D29FBC4F7653} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-03] (Google Inc.) 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-05-02 22:41 - 2011-05-02 22:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2011-07-18 18:48 - 2009-12-19 00:40 - 00104968 ____R () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe 2011-07-18 18:48 - 2010-10-07 02:46 - 00159752 ____R () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe 2011-07-18 18:47 - 2010-01-13 02:36 - 00117256 ____R () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe 2011-07-18 18:48 - 2010-01-13 02:36 - 00121864 ____R () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe 2011-07-18 18:48 - 2010-12-01 20:36 - 00589320 ____R () C:\Program Files (x86)\PHotkey\PVDesktop.exe 2011-07-18 18:48 - 2010-12-01 20:37 - 00462344 ____R () C:\Program Files (x86)\PHotkey\PVDAgent.exe 2011-05-02 22:41 - 2011-05-02 22:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll 2011-07-18 19:54 - 2010-11-08 15:50 - 00044032 _____ () C:\Program Files\FSP\KbdHook.dll 2011-07-18 19:54 - 2010-11-08 15:51 - 00070656 _____ () C:\Program Files\FSP\FspLib.dll 2011-07-18 18:12 - 2011-03-06 21:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-05-22 20:50 - 2013-05-22 20:50 - 00400704 _____ () C:\Users\Jennefa\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe 2013-12-20 22:39 - 2014-03-07 22:39 - 03168576 _____ () C:\Users\Jennefa\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe 2011-07-18 18:48 - 2009-12-19 00:36 - 00973432 ____R () C:\Program Files (x86)\PHotkey\acAuth.dll 2011-07-18 18:48 - 2009-12-19 00:41 - 00129544 ____R () C:\Program Files (x86)\PHotkey\GFNEX.dll 2010-08-04 00:39 - 2010-08-04 00:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 
2010-08-04 00:39 - 2010-08-04 00:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2014-06-06 16:41 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll 2014-06-06 16:41 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll 2014-06-06 16:41 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll 2014-06-06 16:41 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll 2014-06-06 16:41 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll 2011-07-18 18:18 - 2010-11-06 08:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) 
==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) 
==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-610939652-828115785-2253814009-500 - Administrator - Disabled) Gast (S-1-5-21-610939652-828115785-2253814009-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-610939652-828115785-2253814009-1002 - Limited - Enabled) Jennefa (S-1-5-21-610939652-828115785-2253814009-1000 - Administrator - Enabled) => C:\Users\Jennefa ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (10/02/2014 05:50:09 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. 
Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {b1988bce-a43e-4042-a55c-133e9038c521} Error: (10/02/2014 05:31:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: DUser.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdf26 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000057ce ID des fehlerhaften Prozesses: 0xc3c Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0 Pfad der fehlerhaften Anwendung: Explorer.EXE1 Pfad des fehlerhaften Moduls: Explorer.EXE2 Berichtskennung: Explorer.EXE3 Error: (09/30/2014 07:00:04 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm bfgclient.exe, Version 3.3.0.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 17e0 Startzeit: 01cfdccfdbf9c39e Endzeit: 14 Anwendungspfad: C:\Program Files (x86)\bfgclient\bfgclient.exe Berichts-ID: 34b52fa5-48c3-11e4-90ba-386077d17015 Error: (08/29/2014 00:42:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: bfgclient.exe, Version: 3.3.0.2, Zeitstempel: 0x53179a91 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000222d2 ID des fehlerhaften Prozesses: 0x1a04 Startzeit der fehlerhaften Anwendung: 0xbfgclient.exe0 Pfad der fehlerhaften Anwendung: bfgclient.exe1 Pfad des fehlerhaften Moduls: bfgclient.exe2 Berichtskennung: bfgclient.exe3 Error: (08/29/2014 04:50:20 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: bfgclient.exe, Version: 3.3.0.2, Zeitstempel: 0x53179a91 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000222d2 ID des fehlerhaften Prozesses: 0x1308 Startzeit der fehlerhaften Anwendung: 0xbfgclient.exe0 Pfad der fehlerhaften Anwendung: bfgclient.exe1 Pfad des fehlerhaften Moduls: bfgclient.exe2 Berichtskennung: bfgclient.exe3 Error: (08/29/2014 04:01:28 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: bfgclient.exe, Version: 3.3.0.2, Zeitstempel: 0x53179a91 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000222d2 ID des fehlerhaften Prozesses: 0x13dc Startzeit der fehlerhaften Anwendung: 0xbfgclient.exe0 Pfad der fehlerhaften Anwendung: bfgclient.exe1 Pfad des fehlerhaften Moduls: bfgclient.exe2 Berichtskennung: bfgclient.exe3 Error: (08/27/2014 00:36:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: bfgclient.exe, Version: 3.3.0.2, Zeitstempel: 0x53179a91 
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000222d2 ID des fehlerhaften Prozesses: 0xb44 Startzeit der fehlerhaften Anwendung: 0xbfgclient.exe0 Pfad der fehlerhaften Anwendung: bfgclient.exe1 Pfad des fehlerhaften Moduls: bfgclient.exe2 Berichtskennung: bfgclient.exe3 Error: (08/27/2014 08:31:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: GPlayer.exe, Version: 2.4.2.13, Zeitstempel: 0x53c64eed Name des fehlerhaften Moduls: GPlayer.exe, Version: 2.4.2.13, Zeitstempel: 0x53c64eed Ausnahmecode: 0x40000015 Fehleroffset: 0x000ca0f8 ID des fehlerhaften Prozesses: 0x1010 Startzeit der fehlerhaften Anwendung: 0xGPlayer.exe0 Pfad der fehlerhaften Anwendung: GPlayer.exe1 Pfad des fehlerhaften Moduls: GPlayer.exe2 Berichtskennung: GPlayer.exe3 Error: (08/27/2014 06:08:08 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Zamaja.exe, Version: 1.0.6.822, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: Zamaja.exe, Version: 1.0.6.822, Zeitstempel: 0x2a425e19 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000023b4 ID des fehlerhaften Prozesses: 0x44c Startzeit der fehlerhaften Anwendung: 0xZamaja.exe0 Pfad der fehlerhaften Anwendung: Zamaja.exe1 Pfad des fehlerhaften Moduls: Zamaja.exe2 Berichtskennung: Zamaja.exe3 Error: (08/27/2014 04:45:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: bfgclient.exe, Version: 3.3.0.2, Zeitstempel: 0x53179a91 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000222d2 ID des fehlerhaften Prozesses: 0x1750 Startzeit der fehlerhaften Anwendung: 0xbfgclient.exe0 Pfad der fehlerhaften Anwendung: bfgclient.exe1 Pfad des fehlerhaften Moduls: bfgclient.exe2 Berichtskennung: bfgclient.exe3 System errors: ============= Error: 
(10/03/2014 10:10:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CxAudMsg" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (10/03/2014 09:47:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CxAudMsg" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (10/03/2014 09:30:08 PM) (Source: DCOM) (EventID: 10016) (User: Jennefa-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Jennefa-PCJennefaS-1-5-21-610939652-828115785-2253814009-1000LocalHost (unter Verwendung von LRPC) Error: (10/03/2014 08:44:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CxAudMsg" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (10/03/2014 02:24:00 AM) (Source: DCOM) (EventID: 10016) (User: Jennefa-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Jennefa-PCJennefaS-1-5-21-610939652-828115785-2253814009-1000LocalHost (unter Verwendung von LRPC) Error: (10/03/2014 02:20:29 AM) (Source: DCOM) (EventID: 10016) (User: Jennefa-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Jennefa-PCJennefaS-1-5-21-610939652-828115785-2253814009-1000LocalHost (unter Verwendung von LRPC) Error: (10/03/2014 02:08:01 AM) (Source: DCOM) (EventID: 10016) (User: Jennefa-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Jennefa-PCJennefaS-1-5-21-610939652-828115785-2253814009-1000LocalHost (unter Verwendung von LRPC) Error: (10/03/2014 02:07:22 AM) (Source: DCOM) (EventID: 10016) (User: Jennefa-PC) Description: 
ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Jennefa-PCJennefaS-1-5-21-610939652-828115785-2253814009-1000LocalHost (unter Verwendung von LRPC) Error: (10/03/2014 02:03:19 AM) (Source: DCOM) (EventID: 10016) (User: Jennefa-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Jennefa-PCJennefaS-1-5-21-610939652-828115785-2253814009-1000LocalHost (unter Verwendung von LRPC) Error: (10/03/2014 00:46:17 AM) (Source: DCOM) (EventID: 10016) (User: Jennefa-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Jennefa-PCJennefaS-1-5-21-610939652-828115785-2253814009-1000LocalHost (unter Verwendung von LRPC) Microsoft Office Sessions: ========================= Error: (10/02/2014 05:50:09 PM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005, Zugriff verweigert Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {b1988bce-a43e-4042-a55c-133e9038c521} Error: (10/02/2014 05:31:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.1.7601.175674d672ee4DUser.dll6.1.7600.163854a5bdf26c000000500000000000057cec3c01cfde3a41f4b5f8C:\Windows\Explorer.EXEC:\Windows\system32\DUser.dll310b6192-4a49-11e4-853f-386077d17015 Error: (09/30/2014 07:00:04 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: bfgclient.exe3.3.0.217e001cfdccfdbf9c39e14C:\Program Files (x86)\bfgclient\bfgclient.exe34b52fa5-48c3-11e4-90ba-386077d17015 Error: (08/29/2014 00:42:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: bfgclient.exe3.3.0.253179a91ntdll.dll6.1.7601.18247521ea8e7c0000005000222d21a0401cfc37541c83e5aC:\Program Files 
(x86)\bfgclient\bfgclient.exeC:\Windows\SysWOW64\ntdll.dll340d3287-2f69-11e4-be0a-386077d17015 Error: (08/29/2014 04:50:20 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: bfgclient.exe3.3.0.253179a91ntdll.dll6.1.7601.18247521ea8e7c0000005000222d2130801cfc33344e29deeC:\Program Files (x86)\bfgclient\bfgclient.exeC:\Windows\SysWOW64\ntdll.dll36e6dea8-2f27-11e4-be0a-386077d17015 Error: (08/29/2014 04:01:28 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: bfgclient.exe3.3.0.253179a91ntdll.dll6.1.7601.18247521ea8e7c0000005000222d213dc01cfc32c6a477ba3C:\Program Files (x86)\bfgclient\bfgclient.exeC:\Windows\SysWOW64\ntdll.dll62fffd6e-2f20-11e4-be0a-386077d17015 Error: (08/27/2014 00:36:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: bfgclient.exe3.3.0.253179a91ntdll.dll6.1.7601.18247521ea8e7c0000005000222d2b4401cfc1e21bdab481C:\Program Files (x86)\bfgclient\bfgclient.exeC:\Windows\SysWOW64\ntdll.dll0e315c30-2dd6-11e4-b837-386077d17015 Error: (08/27/2014 08:31:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: GPlayer.exe2.4.2.1353c64eedGPlayer.exe2.4.2.1353c64eed40000015000ca0f8101001cfc1c08f600a62C:\Program Files (x86)\OXXOGames\GPlayer\GPlayer.exeC:\Program Files (x86)\OXXOGames\GPlayer\GPlayer.execefa9977-2db3-11e4-9243-386077d17015 Error: (08/27/2014 06:08:08 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Zamaja.exe1.0.6.8222a425e19Zamaja.exe1.0.6.8222a425e19c0000005000023b444c01cfc1a6d69b392eC:\Program Files (x86)\DEUTSCHLAND SPIELT\Zamaja\Zamaja.exeC:\Program Files (x86)\DEUTSCHLAND SPIELT\Zamaja\Zamaja.exec074c70d-2d9f-11e4-9243-386077d17015 Error: (08/27/2014 04:45:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: bfgclient.exe3.3.0.253179a91ntdll.dll6.1.7601.18247521ea8e7c0000005000222d2175001cfc19fbb038c5aC:\Program Files (x86)\bfgclient\bfgclient.exeC:\Windows\SysWOW64\ntdll.dll457f6c08-2d94-11e4-9243-386077d17015 
==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU B950 @ 2.10GHz Percentage of memory in use: 27% Total physical RAM: 6055.13 MB Available physical RAM: 4370.28 MB Total Pagefile: 12108.43 MB Available Pagefile: 10323.09 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: (Boot) (Fixed) (Total:645.54 GB) (Free:543.24 GB) NTFS Drive d: (Recover) (Fixed) (Total:50 GB) (Free:29.9 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: AF94AF94) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=645.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=52 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=1 GB) - (Type=12) ==================== End Of Log ============================ |