Log analysis and evaluation: MS Windows 7 (64-bit SP1): Computer crashes and damage to the Windows Firewall

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
MS Windows 7 (64-bit SP1): Computer crashes and damage to the Windows Firewall

Dear community,

I am anything but an expert, so I am all the more glad that a community like yours exists. Thank you in advance for any effort and time!

For several weeks now I have been trying in vain to get my computer back into shape. However, I don't even know whether it can still be rescued that easily.

It all started with frequent computer crashes and noticeably low computer performance, so I eventually took my computer in for "repair". There I was told that my computer was infected with numerous viruses. I had to pay a lot of money for the cleanup, which did not really solve the problem, however. The computer crashes were still there, although no longer as frequent.

I also noticed that the Microsoft firewall can no longer be enabled (error code: 0x80070424). However, I did not manage to solve the problem.

Over the past few weeks I have been busy going over my system with several antivirus programs (Avira & Panda Free Antivirus), anti-malware tools (SpyBot & AdwCleaner) and even with "www.bitdefender.de". The search was unsuccessful. I think my system is simply ruined, although of course I hope not.

I hope you can still help me. I greatly appreciate your effort.

Best regards!

PS: I am sorry that I had to upload the "Gmer.txt" file; there was not enough space. Otherwise I hope, of course, that the files can be evaluated. I really have no idea about any of this, but I am of course willing to put in the work.

--------------

"defogger_disable.log"

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:43 on 05/11/2014 (User)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014
Ran by User at 2014-11-05 17:46:34
Running from C:\Users\User\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
A Game of Thrones - Genesis (HKLM-x32\...\Steam App 58550) (Version: - Cyanide)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated) Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe InDesign CS5.5 (HKLM-x32\...\{857CC5F0-040E-1016-A173-D55ADD80C260}) (Version: 7.5 - Adobe Systems Incorporated) Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated) Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0 - Adobe Systems Incorporated) Adobe Reader X (10.1.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated) aerosoft's - Antalya X (HKLM-x32\...\{E6E332E8-9BFA-48CC-B03C-F181C1F06DC0}) (Version: 1.02 - aerosoft) aerosoft's - Approaching Innsbruck X (HKLM-x32\...\{70864384-DD19-44CB-A999-A917F32F623D}) (Version: 1.10 - aerosoft) aerosoft's - German Airports 1 - Stuttgart (HKLM-x32\...\{D1D50FD9-9867-4139-858E-0C0448CECBA9}) (Version: 1.02 - aerosoft) aerosoft's - Mega Airport Frankfurt X (HKLM-x32\...\{BAEE0C24-C8C2-4820-9DF4-887909F1A286}) (Version: 1.01 - aerosoft) Aerosoft's - MyTraffic 2010 (HKLM-x32\...\{37F50C53-EDED-4FFE-9877-532A335C5C18}) (Version: 6.01 - Aerosoft) Aerosoft's - VFR Germany 3 (HKLM-x32\...\{61C6337D-EDF5-43F0-9E50-541A389070BD}) (Version: 1.01 - Aerosoft) Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC) Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) 
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ARMA 2 Operation Arrowhead Uninstall (HKLM-x32\...\ARMA 2 Operation Arrowhead) (Version: - ) Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - ) Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira) AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin) Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.4-5 - Wacom Technology Corp.) Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 3.9 - Wacom Co., Ltd.) Bamboo Dock (x32 Version: 3.9.0 - Wacom Europe GmbH) Hidden Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.0.0.1 - Electronic Arts) Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) BullGuard Backup (HKLM\...\BullGuard) (Version: 10 - BullGuard Ltd.) Camtasia Studio 7 (HKLM-x32\...\{DE042823-C359-4B87-B66B-308057E8B6AF}) (Version: 7.0.1 - TechSmith Corporation) CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform) Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC) Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.) 
Duden Home (HKLM-x32\...\{288A423E-D6CA-47C3-B480-D1203EB08949}) (Version: 10.1.0 - Bibliographisches Institut GmbH) EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKCU\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts) Emergency 2 (HKLM-x32\...\{874F0C23-7CA8-4639-9D77-E032E272A3FD}) (Version: 2.00.000 - ) Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) FDC Accumulative Update (3.13) (HKLM-x32\...\FDC Accumulative Update (3.13)) (Version: - ) FDC Live Cockpit 2011 (HKLM-x32\...\{56C595BA-E2EC-4319-863B-3D8787D49FBF}) (Version: 3.14.0 - aerosoft) FILEminimizer Pictures (HKLM-x32\...\FILEminimizer Pictures_is1) (Version: - balesio AG) FILSHtray (HKLM-x32\...\{5928359F-BF46-4646-BF19-B64E55171EB5}) (Version: 0.12 - FILSH Media GmbH) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG) FlyTampa's - Mega Airport Vienna X - FSX (HKLM-x32\...\{400BAAA2-F9AC-469F-9772-8DF9CF5C1273}) (Version: 1.00 - FlyTampa) Formelrechner (HKLM-x32\...\{69F0CEA4-43E2-4CBB-92DF-41860A40A631}) (Version: 1.00.0000 - Cornelsen Verlag) FSacars (HKLM-x32\...\{FFC78FC9-2FE6-4648-BFEB-446C61C2D61E}) (Version: 4.0 - Jose Oliveira/FSacars team) FUSSBALL MANAGER 12 (HKLM-x32\...\FUSSBALL MANAGER 12) (Version: 1.0.0.3 - Electronic Arts) G DATA Logox 4 Speechengine (HKLM-x32\...\lgx4.lgx.server) (Version: - G DATA Software AG) G DATA WebSpeech 4 (HKLM-x32\...\ws4.webspeech) (Version: - G DATA Software AG) GameShadow (HKLM-x32\...\{5A2F371F-8B5D-46B4-833C-0612B065BEC7}) (Version: 2.02.0000 - GameShadow Ltd) GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team) Google Chrome (HKCU\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) 
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - ) Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.) Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) grafstat4 (HKLM-x32\...\{58AEE3E0-8746-11DD-81B6-000AE67E2618}_is1) (Version: 4.295 - DrSoft) Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden Hogrefe TestSystem Player 1.15 (HKLM-x32\...\{64DA6582-1D0E-405C-992F-382FAC9198BD}) (Version: 4.5.1434 - Hogrefe Verlag GmbH & Co. KG Göttingen) HP Foto und Bildbearbeitung 2.0 - hp psc 1200 series (HKLM-x32\...\HP PSC 1200 Series) (Version: - ) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.11502 - HP) HP Photosmart 5510 series - Grundlegende Software für das Gerät (HKLM\...\{AB6268C0-EDA4-46C3-8A1C-11D86A5A8E93}) (Version: 24.0.342.0 - Hewlett-Packard Co.) HP Photosmart 5510 series Hilfe (HKLM-x32\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard) HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP) HP Speicher-Disc (HKLM-x32\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.) 
Indeo® software (HKLM-x32\...\Indeo® software) (Version: - ) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation) Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) Java 2 Runtime Environment, SE v1.4.1 (HKLM-x32\...\{CD0159C9-17FB-11D6-A76A-00B0D079AF64}) (Version: - ) Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle) Java SE Development Kit 7 Update 21 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170210}) (Version: 1.7.0.210 - Oracle) Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle) Java(TM) 6 Update 32 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.320 - Oracle) Java-Editor 11.39, 2013.05.18 (HKLM-x32\...\{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1) (Version: - Gerhard Röhner) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LibreOffice 4.2.1.1 (HKLM-x32\...\{C83C3B4C-1AFF-4CEA-8078-74E7A3FE8F03}) (Version: 4.2.1.1 - The Document Foundation) Logitech GamePanel Software 3.05.151 (HKLM\...\{BF9FD124-1112-4C8D-8F79-779A11C6287D}) (Version: 3.05.151 - Logitech Inc.) 
MAGIX Fotos auf DVD MX Deluxe Download-Version (HKLM-x32\...\MAGIX_MSI_Fotos_auf_CD_DVD_MX_Dlx) (Version: 11.0.0.61 - MAGIX AG) MAGIX Fotos auf DVD MX Deluxe Download-Version (x32 Version: 11.0.0.61 - MAGIX AG) Hidden MAGIX Music Maker 17 (Demosongs) (HKLM-x32\...\{20AE2890-0B3E-4B1C-BC6C-AE79AD448C84}) (Version: 1.0.0.0 - MAGIX AG) MAGIX Music Maker 17 (Soundpaket) (HKLM-x32\...\{3590488B-0095-42D6-9725-A058CAFF9D4A}) (Version: 1.0.0.0 - MAGIX AG) MAGIX Music Maker 17 (Synthesizer und Effekte) (HKLM-x32\...\{F87CDA94-0CDE-4406-AE19-7A54A4EB3048}) (Version: 1.0.0.0 - MAGIX AG) MAGIX Music Maker 17 Download-Version (HKLM-x32\...\MAGIX_MSI_mm17) (Version: 17.0.2.6 - MAGIX AG) MAGIX Music Maker 17 Download-Version (x32 Version: 17.0.2.6 - MAGIX AG) Hidden MAGIX Screenshare (HKLM-x32\...\{518AD85A-EBCB-4F26-8A45-86DC5449AC1E}) (Version: 4.3.6.1987 - MAGIX AG) MAGIX Speed burnR (MSI) (HKLM-x32\...\{D4ABBDE0-0F0E-40D7-9296-4227F2722B91}) (Version: 7.0.2.6 - MAGIX AG) MAGIX Video deluxe MX Premium (HKLM-x32\...\MAGIX_MSI_Videodeluxe18_premium) (Version: 11.0.1.4 - MAGIX AG) MAGIX Video deluxe MX Premium (Video Plugins) (HKLM-x32\...\{B8CB4CBE-FD0E-4061-BEE2-24333A28C9CA}) (Version: 1.0.0.0 - MAGIX AG) MAGIX Video deluxe MX Premium (x32 Version: 11.0.1.4 - MAGIX AG) Hidden MailStore Home 8.2.0.9316 (HKLM-x32\...\MailStore Home_universal1) (Version: 8.2.0.9316 - MailStore Software GmbH) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Flight Simulator X Service 
Pack 2 (HKLM-x32\...\{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}) (Version: 10.0.61472.0 - Microsoft Game Studios) Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4659.1001 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 
(HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Mozilla Thunderbird (5.0) (HKLM-x32\...\Mozilla Thunderbird (5.0)) (Version: 5.0 (de) - Mozilla) Mozilla Thunderbird 24.6.0 (x86 de) (HKCU\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) 
Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) NewBlueFX Light Blends (HKLM-x32\...\NewBlueFX Light Blends) (Version: 1.4 - NewBlue) Nokia Connectivity Cable Driver (HKLM-x32\...\{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}) (Version: 7.1.101.0 - Nokia) Nokia Ovi Player (HKLM-x32\...\{A528306A-C5EC-481C-A619-6106334E6800}) (Version: 2.0.1106 - Nokia Ovi Player) Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.7.22.0 - Nokia) Nokia Suite (x32 Version: 3.7.22.0 - Nokia) Hidden Nokia_Multimedia_Common_Components_2_5 (HKLM-x32\...\{3762698E-E9DF-4DD8-99F1-8192D0F8EE06}) (Version: 2.5.197 - Nokia) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.6 - ) NVIDIA 3D Vision Controller-Treiber 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.11 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.11 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation) NVIDIA Grafiktreiber 344.11 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.3.6.4639 - Electronic Arts, Inc.) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden PMDG 747-400/400F for FSX (HKLM-x32\...\{EDCEE320-0FB3-4197-9F86-8C1CCF2278FB}) (Version: 2.10.0000 - Precision Manuals Development Group) PMDG744X_GE_AC (HKLM-x32\...\{8A3D1E45-8D8C-4FC6-A769-DF1232776190}) (Version: 1.10.0000 - Precision Manuals Development Group) PMDG744X_GE_AF (HKLM-x32\...\{70D78DCD-8369-4857-BFEF-021C9899DA75}) (Version: 1.10.0000 - Precision Manuals Development Group) PMDG744X_GE_LH (HKLM-x32\...\{20372FAA-3AF4-4B3D-9B1D-564CDEA5957C}) (Version: 1.00.0000 - Precision Manuals Development Group) PMDG744X_GE_NH (HKLM-x32\...\{A1D97ADB-EFF4-4F31-B286-873F06AC6496}) (Version: 1.00.0000 - Precision Manuals Development Group) PMDG744X_PW_UA3 (HKLM-x32\...\{EAB979F7-84A6-47B6-AB39-CA73A6EEAE69}) (Version: 1.00.0000 - Precision Manuals Development Group) proDAD Vitascene 2.0 (HKLM-x32\...\proDAD-Vitascene-2.0) (Version: 2.0.113 - proDAD GmbH) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) 
QuickTime (HKLM-x32\...\QuickTime) (Version: - ) Rome - Total War (HKLM-x32\...\{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}) (Version: 1.5 - The Creative Assembly) Saitek SST Programming Software (HKLM-x32\...\{967FB80D-56BD-42EF-A942-9E8C78F984A4}) (Version: 1.00.0000 - Saitek) SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden SmartSound Quicktracks Plugin (HKLM-x32\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.2.6 - SmartSound Software Inc) SmartSound Quicktracks Plugin (x32 Version: 3.0.2.6 - SmartSound Software Inc) Hidden Spec Ops: The Line Demo (HKLM-x32\...\Steam App 204980) (Version: - YAGER) Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.14 - Splashtop Inc.) Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.4.5.2 - Splashtop Inc.) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Stronghold 2 Deluxe (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.100 - Firefly Studios) Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios) Studie zur Verbesserung von HP Photosmart 5510 series Produkten (HKLM\...\{A25B75A1-D9B5-43FC-86F7-6E85DC5AB37E}) (Version: 24.0.342.0 - Hewlett-Packard Co.) 
SuperTrafficBoard (HKLM-x32\...\{9E7AC723-F54E-4D13-A888-0EAE66586FF8}) (Version: 3.1 - FlyingWSimulation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: - TeamSpeak Systems GmbH) TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer) Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH) teXXas (HKLM-x32\...\{F3DCD04C-BE9C-408C-BC8C-B77AF972DBC2}) (Version: 1 - metaspinner net GmbH) Total Video Converter 3.60 100204 (HKLM-x32\...\Total Video Converter 3.61_is1) (Version: - EffectMatrix Inc.) Transfer Utility (HKLM-x32\...\{0ECE15AC-CB68-40EC-B70D-1B220717844C}) (Version: 2.05.251 - PIXELA) Tropico 5 (HKCU\...\Tropico5) (Version: 1.03 - Kalypso Media) Ulead VideoStudio 9.0 (HKLM-x32\...\{88F92798-59AB-474F-B40D-1EC5F782F7EE}) (Version: 9.0 - Ulead System) VAcars (HKLM-x32\...\{A8CF0EBC-DEFC-40B2-8707-08A428C3CC12}) (Version: 1.1.3 - VAcars) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN) WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.7 - Wacom Technology Corp.) WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.5 - Wacom Technology Corp.) 
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows-Treiberpaket - Atheros (L1C) Net (09/27/2010 1.0.0.36) (HKLM\...\2E85B24B7EDF495B57D81136F09567FA79E17482) (Version: 09/27/2010 1.0.0.36 - Atheros) WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) World of Logs Client (4.2) (HKCU\...\World of Logs Client (4.2)) (Version: - Digibites Technology) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: 5.2.0.16826 - Blizzard Entertainment) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{AFD6BFDC-F329-41BB-9C53-764B965DD483}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\FileSyncApi64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 04-11-2014 00:40:22 PC Connectivity Solution wird entfernt 04-11-2014 00:42:35 Removed Hogrefe TestSystem Player 1.15 04-11-2014 00:43:46 Removed GameShadow 04-11-2014 18:30:39 Gerätetreiber-Paketinstallation: COMODO Netzwerkdienst ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2012-01-15 19:38 - 2010-05-13 17:53 - 00001204 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 activate.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0170117B-28EF-4273-8151-5CAA4095DD54} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: {267B4E23-F3EE-41D9-94F1-E27A554B458D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-02] (Google Inc.) 
Task: {2CD5F049-55B5-4EB1-A3D6-D45B4C26AAF7} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe Task: {2E742F63-556B-4A63-B533-F21870FD85B1} - System32\Tasks\{5AEB02E0-B4AE-422B-B009-40A31682C4E4} => J:\SETUP.EXE Task: {32AE6473-7F1F-464B-9C40-9A108D24143F} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-05-25] (Hewlett-Packard Co.) Task: {3603EA61-9EB7-46E1-B4DF-64A19F9AE687} - System32\Tasks\{74CF0E03-FB98-49E3-89BD-2EC9BF9935C0} => C:\Program Files (x86)\Aerosoft\FDC\Fdc.exe [2006-11-20] (CSC) Task: {36326BE6-D79F-4EC1-BEFE-744384BBDDD6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-09-25] (Microsoft Corporation) Task: {45934EBE-B1CD-421A-BA86-EB8C80544979} - System32\Tasks\{B589DA5D-624D-4CF9-A81B-E952B9919323} => C:\Program Files (x86)\Aerosoft\FDC\Fdc.exe [2006-11-20] (CSC) Task: {470BD097-0F77-44C1-8C88-42235E40660F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-02] (Google Inc.) 
Task: {52DF3BFB-E77C-4771-BB70-A3EC3C7466FA} - System32\Tasks\{DC4C9E4D-9E81-446B-989E-91CB33E9BB4F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.9.0.115.259/en/abandoninstall?page=tsMain
Task: {54AAAD1E-F574-486B-A1B6-544B074D99A0} - System32\Tasks\{0A791C13-988F-4697-84D6-46C7F7436222} => C:\Program Files (x86)\Flight One Software\Audio Environment\AudioEnvironment.exe [2010-02-10] (Microsoft)
Task: {580CD3E8-209E-4A1E-B607-4076E510CE6B} - System32\Tasks\{EAFE2A0E-5DF1-42D1-BF18-3B5F3A05A018} => J:\SETUP.EXE
Task: {5AB5C634-6F8A-45EB-8BDE-8B8DA1C343FD} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {5B35D928-3CE5-4719-9772-F922478E9B14} - System32\Tasks\{DAF8D6FD-3002-462D-B402-2293A84C55D0} => C:\Program Files (x86)\Aerosoft\FDC\FDC.exe [2006-11-20] (CSC)
Task: {630A310C-AB7E-4964-AC46-2A67AF414F6C} - System32\Tasks\{857B175B-6B52-48B1-949E-51F5A41EE471} => D:\Program Files (x86)\FSacars\fsacars.exe [2011-07-23] (Jose Oliveira)
Task: {75138E62-E209-432E-9F55-9448D1E4D522} - System32\Tasks\{AF901C69-48DF-422A-A6F0-328D5678BA5D} => J:\SETUP.EXE
Task: {7966CEF3-8484-46F3-A606-BF3695BBDC37} - System32\Tasks\{83503FF1-00CD-453D-A042-47D15F82D5C9} => J:\Setup.exe
Task: {79875432-69F7-44B3-AC6C-60976A8DA15C} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-User => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {7F5CBFA1-5220-43F9-BC5B-E0D5B0044B0A} - System32\Tasks\{62C2B61F-6B8C-4D10-AA72-36C7DBFE7938} => Chrome.exe hxxp://ui.skype.com/ui/0/6.11.59.102/de/abandoninstall?page=tsMain
Task: {854BA480-0642-4E28-ACBB-DDA45889A27B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-05] (Adobe Systems Incorporated)
Task: {8CBB936B-F3B9-4ACC-AB00-3ED96F00BEA3} - System32\Tasks\{076B59DE-D1C9-4735-B036-375082F5EE4D} => D:\Program Files (x86)\FSacars\fsacars.exe [2011-07-23] (Jose Oliveira)
Task: {8E3B4F17-6EE7-4A80-8310-0F08B25E879B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-02] (Google Inc.)
Task: {9B5985D0-40B9-4E8E-B08E-F682054C0C12} - System32\Tasks\{51E33F82-667E-4DD0-A188-EFEE233A01B1} => J:\SETUP.EXE
Task: {AF005699-A5BA-44D2-8D1D-E6A1D8E83395} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {B1C7BA39-9482-45FE-AC63-B99F6CFF429F} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {B21A0DEE-CAAB-4FC0-8D18-66D939B6DE16} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {B2608FA9-CD6F-4302-B04F-90C91F0EE0D4} - System32\Tasks\{1E9EA941-BB99-4C45-9DC2-A60DCF14845C} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: {BA914ADF-3746-4EF7-9F6F-CA8109EC1E43} - System32\Tasks\{EB0E8BB5-0D65-44F6-8B16-12BA4E371407} => D:\Program Files (x86)\Mobipocket.com\Mobipocket Reader\reader.exe
Task: {BDFD0501-B20D-4198-BB29-2FB49096DD35} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C0A26EE5-D0F1-4C88-8271-C85D7362B6CC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-02] (Google Inc.)
Task: {C1051578-CC73-4B93-9823-B6F577907F8D} - System32\Tasks\{44A781C8-DA87-4D56-9831-C74D03B98588} => D:\Program Files (x86)\FSacars\fsacars.exe [2011-07-23] (Jose Oliveira)
Task: {C33A6704-C4BA-423B-81A7-BA43D37087A9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {C41CF894-AC0E-4685-8BBF-EB5ABB3859D1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-09-25] (Microsoft Corporation)
Task: {CA3818B8-11E7-4E18-9FFF-84AA04FF0D63} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2012-07-25] ()
Task: {CBD15674-739B-499B-9593-D8056CA5079E} - System32\Tasks\{1DB0575A-6F32-46E6-9C8A-256339187528} => E:\World of Warcraft\World of Warcraft Launcher.exe [2013-03-07] (Blizzard Entertainment)
Task: {CC501072-7E18-4694-8632-93A538B6A65E} - System32\Tasks\{B9097010-4E09-4622-8788-3258916CD339} => D:\Program Files (x86)\MAGIX\Video_deluxe_17_Premium_Sonderedition_Download-Version\Videodeluxe.exe
Task: {D1C8D56F-5237-4417-A28F-8E083F59A79A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {D897CA9E-2456-4001-9655-6AAC286942B2} - System32\Tasks\{8DC5B7F6-CE0C-4695-9990-603F76A07C40} => C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exe [2007-12-10] (Microsoft Corp.)
Task: {D8CE62AB-396D-4A36-A9A5-832C2387C5F6} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-USER-PC => C:\Windows\ehome\McxTask.exe [2009-07-14] (Microsoft Corporation)
Task: {D9E72648-40AE-41AD-98D9-3B3865E8CE82} - System32\Tasks\{01BD3E78-BA7C-4E51-A99C-B485D232E0AF} => J:\SETUP.EXE
Task: {DF70B19A-BE83-429C-B846-DEDB4F22B561} - System32\Tasks\{8F8FBB52-3EFE-4D37-B1F3-B3C634D73517} => D:\Program Files (x86)\Ulead Systems\Ulead VideoStudio 9.0\vstudio.exe [2005-03-24] (Ulead Systems, Inc.)
Task: {E07525BE-512B-4E3C-9ADE-F8989F3F1FC4} - System32\Tasks\{45DDD10E-1AA0-4806-8D2B-360002D94486} => C:\Program Files (x86)\avmwlanstick\WLanGUI.exe [2010-10-22] (AVM Berlin)
Task: {E5BE1D6B-FFA0-45AC-A44E-21903698A091} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {F758F7A1-DF66-4E60-A8EB-7D57745D0665} - System32\Tasks\{1506E452-BE8B-46F7-B57E-6BD9A970E8B7} => J:\SETUP.EXE
Task: {FAD18B70-853C-4D16-8B98-DE43F460A13D} - System32\Tasks\{7701AA64-4600-4117-86E6-B14D807BC5A1} => D:\Program Files (x86)\MAGIX\Video_deluxe_17_Premium_Sonderedition_Download-Version\Videodeluxe.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe

==================== Loaded Modules (whitelisted) =============

2012-05-31 14:48 - 2014-09-13 22:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-19 16:11 - 2014-05-19 16:11 - 00601432 _____ () c:\program files\bullguard ltd\bullguard backup\libxml2.dll
2014-05-19 16:11 - 2014-05-19 16:11 - 00086360 _____ () C:\Program Files\BullGuard Ltd\BullGuard Backup\zlib1.dll
2014-05-19 16:11 - 2014-05-19 16:11 - 00601432 _____ () C:\Program Files\BullGuard Ltd\BullGuard Backup\libxml2.dll
2014-05-19 16:11 - 2014-05-19 16:11 - 00065368 _____ () C:\Program Files\BullGuard Ltd\BullGuard Backup\LIBBZ2.dll
2014-03-15 16:58 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-09-26 15:25 - 2014-01-03 00:34 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-07-24 00:42 - 2010-10-13 10:41 - 01182576 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2010-10-21 12:45 - 2010-10-21 12:45 - 00092048 _____ () C:\Program Files\BullGuard Ltd\BullGuard Backup\res\de\BackupShellNamespaceRes.dll
2011-07-23 16:45 - 2011-05-28 21:05 - 00164864 _____ () D:\Program Files\WinRAR\rarext.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () D:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-02-08 11:34 - 2012-08-16 18:04 - 00078480 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-02-08 11:34 - 2012-08-16 18:04 - 00386192 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-01 17:12 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-09-01 17:12 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-09-01 17:12 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-09-01 17:12 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-09-01 17:12 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-11-05 17:19 - 2014-11-05 17:19 - 00043008 _____ () c:\users\user\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9dtq2j.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\libcef.dll
2014-09-23 08:37 - 2014-09-23 19:27 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-09-23 08:39 - 2014-09-09 14:12 - 01032352 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2013-11-13 19:40 - 2014-08-19 09:46 - 00125096 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\OUTLCTL.DLL
2014-11-02 11:14 - 2014-10-22 05:04 - 01042760 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-11-02 11:14 - 2014-10-22 05:04 - 00211272 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-11-02 11:14 - 2014-10-22 05:04 - 08910664 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-11-02 11:14 - 2014-10-22 05:04 - 01681224 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-11-02 10:24 - 2014-11-02 10:24 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2011-07-20 12:00 - 2010-11-05 22:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsUpdate => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FILSHtray.lnk => C:\Windows\pss\FILSHtray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hp psc 1000 series.lnk => C:\Windows\pss\hp psc 1000 series.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hpoddt01.exe.lnk => C:\Windows\pss\hpoddt01.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Transfer Utility Camera Monitor.lnk => C:\Windows\pss\Transfer Utility Camera Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tintenwarnungen überwachen - .lnk => C:\Windows\pss\Tintenwarnungen überwachen - .lnk.Startup
MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tintenwarnungen überwachen - HP Photosmart 5510 series (Netzwerk).lnk => C:\Windows\pss\Tintenwarnungen überwachen - HP Photosmart 5510 series (Netzwerk).lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AudialsNotifier => E:\Program Files (x86)\RapidSolution\Audials 10\AudialsNotifier.exe
MSCONFIG\startupreg: BullGuard => "C:\Program Files\BullGuard Ltd\BullGuard Backup\bullguard.exe" -boot
MSCONFIG\startupreg: Google Update => "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "E:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Launch LCDMon => "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
MSCONFIG\startupreg: Launch LgDeviceAgent => "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: Ocs_SM => C:\Users\User\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
MSCONFIG\startupreg: PDFPrint => D:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: SaiMfd => C:\Program Files (x86)\Saitek\Software\SaiMfd.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-2771076119-1783207638-1657993630-500 - Administrator - Disabled)
Gast (S-1-5-21-2771076119-1783207638-1657993630-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2771076119-1783207638-1657993630-1003 - Limited - Enabled)
Mcx1-USER-PC (S-1-5-21-2771076119-1783207638-1657993630-1007 - Limited - Enabled) => C:\Users\Mcx1-USER-PC
User (S-1-5-21-2771076119-1783207638-1657993630-1000 - Administrator - Enabled) => C:\Users\User

==================== Faulty Device Manager Devices =============

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (11/05/2014 05:19:34 PM) (Source: Microsoft Office 15) (EventID: 2001) (User: )
Description: Microsoft Outlook: Rejected Safe Mode action : Outlook konnte beim letzten Mal nicht gestartet werden. Der abgesicherte Modus kann Ihnen bei der Problembehandlung behilflich sein. Einige Features sind aber in diesem Modus möglicherweise nicht verfügbar. Möchten Sie im abgesicherten Modus starten?. Rejected Safe Mode action : Microsoft Outlook.

Error: (11/05/2014 05:15:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.Systray.exe, Version: 1.1.22.50000, Zeitstempel: 0x54216bb2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x7cc
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.Systray.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.Systray.exe1
Pfad des fehlerhaften Moduls: Avira.OE.Systray.exe2
Berichtskennung: Avira.OE.Systray.exe3

Error: (11/05/2014 05:15:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Net.Sockets.SocketException
Stapel:
   bei System.Net.SafeCloseSocketAndEvent.CreateWSASocketWithEvent(System.Net.Sockets.AddressFamily, System.Net.Sockets.SocketType, System.Net.Sockets.ProtocolType, Boolean, Boolean)
   bei System.Net.NetworkInformation.NetworkChange+AddressChangeListener.StartHelper(System.Net.NetworkInformation.NetworkAddressChangedEventHandler, Boolean, System.Net.NetworkInformation.StartIPOptions)
   bei Avira.OE.WinCore.NetworkStatusListener..ctor()
   bei Avira.OE.WinCore.InternetConnectionMonitor..ctor()
   bei Avira.OE.Systray.SystrayIcon..ctor(Avira.OE.WinCore.Interface.IServiceStatusMonitor, Avira.OE.Communicator.Interface.ICommunicatorClientProxy, Avira.OE.MiniGui.IMiniGuiWindow)
   bei Avira.OE.Systray.SystrayIcon..ctor()
   bei Avira.OE.Systray.Program.Main(System.String[])

Error: (11/05/2014 05:07:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.Systray.exe, Version: 1.1.22.50000, Zeitstempel: 0x54216bb2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x634
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.Systray.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.Systray.exe1
Pfad des fehlerhaften Moduls: Avira.OE.Systray.exe2
Berichtskennung: Avira.OE.Systray.exe3

Error: (11/05/2014 05:06:55 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Net.Sockets.SocketException
Stapel:
   bei System.Net.SafeCloseSocketAndEvent.CreateWSASocketWithEvent(System.Net.Sockets.AddressFamily, System.Net.Sockets.SocketType, System.Net.Sockets.ProtocolType, Boolean, Boolean)
   bei System.Net.NetworkInformation.NetworkChange+AddressChangeListener.StartHelper(System.Net.NetworkInformation.NetworkAddressChangedEventHandler, Boolean, System.Net.NetworkInformation.StartIPOptions)
   bei Avira.OE.WinCore.NetworkStatusListener..ctor()
   bei Avira.OE.WinCore.InternetConnectionMonitor..ctor()
   bei Avira.OE.Systray.SystrayIcon..ctor(Avira.OE.WinCore.Interface.IServiceStatusMonitor, Avira.OE.Communicator.Interface.ICommunicatorClientProxy, Avira.OE.MiniGui.IMiniGuiWindow)
   bei Avira.OE.Systray.SystrayIcon..ctor()
   bei Avira.OE.Systray.Program.Main(System.String[])

Error: (11/05/2014 04:53:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7ae7f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x5315a05a
Ausnahmecode: 0x0000046b
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x260
Startzeit der fehlerhaften Anwendung: 0xwmpnetwk.exe0
Pfad der fehlerhaften Anwendung: wmpnetwk.exe1
Pfad des fehlerhaften Moduls: wmpnetwk.exe2
Berichtskennung: wmpnetwk.exe3

Error: (11/05/2014 03:08:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (11/05/2014 03:08:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (11/05/2014 03:08:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (11/05/2014 01:19:45 PM) (Source: SDUpdateService) (EventID: 0) (User: )
Description: Service failed on shutdown: Access violation at address 30447444 in module 'SDUpdSvc.exe'. Write of address 00000062

System errors:
=============
Error: (11/05/2014 05:18:15 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: AFS

Error: (11/05/2014 05:18:01 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" ist von folgendem Dienst abhängig: wscsvc. Dieser Dienst ist eventuell nicht installiert.

Error: (11/05/2014 05:17:39 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.

Error: (11/05/2014 05:17:37 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.

Error: (11/05/2014 05:17:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (11/05/2014 05:17:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Echtzeit-Scanner erreicht.

Error: (11/05/2014 05:17:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060

Error: (11/05/2014 05:17:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (11/05/2014 05:17:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Planer erreicht.

Error: (11/05/2014 05:15:21 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {84F66100-FF7C-4FB4-B0C0-02CD7FB668FE}

Microsoft Office Sessions:
=========================
Error: (11/05/2014 05:19:34 PM) (Source: Microsoft Office 15) (EventID: 2001) (User: )
Description: Microsoft OutlookOutlook konnte beim letzten Mal nicht gestartet werden. Der abgesicherte Modus kann Ihnen bei der Problembehandlung behilflich sein. Einige Features sind aber in diesem Modus möglicherweise nicht verfügbar. Möchten Sie im abgesicherten Modus starten?

Error: (11/05/2014 05:15:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Avira.OE.Systray.exe1.1.22.5000054216bb2KERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d7cc01cff913acb38a7cC:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exeC:\Windows\syswow64\KERNELBASE.dllf37f3b49-6506-11e4-8dc5-d3893530ec3f

Error: (11/05/2014 05:15:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Net.Sockets.SocketException
Stapel:
   bei System.Net.SafeCloseSocketAndEvent.CreateWSASocketWithEvent(System.Net.Sockets.AddressFamily, System.Net.Sockets.SocketType, System.Net.Sockets.ProtocolType, Boolean, Boolean)
   bei System.Net.NetworkInformation.NetworkChange+AddressChangeListener.StartHelper(System.Net.NetworkInformation.NetworkAddressChangedEventHandler, Boolean, System.Net.NetworkInformation.StartIPOptions)
   bei Avira.OE.WinCore.NetworkStatusListener..ctor()
   bei Avira.OE.WinCore.InternetConnectionMonitor..ctor()
   bei Avira.OE.Systray.SystrayIcon..ctor(Avira.OE.WinCore.Interface.IServiceStatusMonitor, Avira.OE.Communicator.Interface.ICommunicatorClientProxy, Avira.OE.MiniGui.IMiniGuiWindow)
   bei Avira.OE.Systray.SystrayIcon..ctor()
   bei Avira.OE.Systray.Program.Main(System.String[])

Error: (11/05/2014 05:07:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Avira.OE.Systray.exe1.1.22.5000054216bb2KERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d63401cff9127fe9a8e3C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exeC:\Windows\syswow64\KERNELBASE.dllcbd67060-6505-11e4-8dc5-d3893530ec3f

Error: (11/05/2014 05:06:55 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Net.Sockets.SocketException
Stapel:
   bei System.Net.SafeCloseSocketAndEvent.CreateWSASocketWithEvent(System.Net.Sockets.AddressFamily, System.Net.Sockets.SocketType, System.Net.Sockets.ProtocolType, Boolean, Boolean)
   bei System.Net.NetworkInformation.NetworkChange+AddressChangeListener.StartHelper(System.Net.NetworkInformation.NetworkAddressChangedEventHandler, Boolean, System.Net.NetworkInformation.StartIPOptions)
   bei Avira.OE.WinCore.NetworkStatusListener..ctor()
   bei Avira.OE.WinCore.InternetConnectionMonitor..ctor()
   bei Avira.OE.Systray.SystrayIcon..ctor(Avira.OE.WinCore.Interface.IServiceStatusMonitor, Avira.OE.Communicator.Interface.ICommunicatorClientProxy, Avira.OE.MiniGui.IMiniGuiWindow)
   bei Avira.OE.Systray.SystrayIcon..ctor()
   bei Avira.OE.Systray.Program.Main(System.String[])

Error: (11/05/2014 04:53:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wmpnetwk.exe12.0.7601.175144ce7ae7fKERNELBASE.dll6.1.7601.184095315a05a0000046b000000000000940d26001cff910977a17b8C:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\KERNELBASE.dllf1d2108b-6503-11e4-98f4-001c4afba29d

Error: (11/05/2014 03:08:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (11/05/2014 03:08:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (11/05/2014 03:08:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (11/05/2014 01:19:45 PM) (Source: SDUpdateService) (EventID: 0) (User: )
Description: Service failed on shutdown: Access violation at address 30447444 in module 'SDUpdSvc.exe'. Write of address 00000062

CodeIntegrity Errors:
===================================
Date: 2014-08-17 19:02:14.119
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-08-17 19:02:13.999
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-08-17 19:02:13.872
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-08-17 19:02:13.752
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-08-17 19:02:13.639
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-08-17 19:02:13.522
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-08-17 19:02:13.406
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-08-17 19:02:13.291
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-08-17 19:02:13.177
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BullGuard Ltd\BullGuard Backup\Spamfilter\LittleHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-08-17 19:01:01.300
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz
Percentage of memory in use: 35%
Total physical RAM: 8174.63 MB
Available physical RAM: 5242.63 MB
Total Pagefile: 16347.43 MB
Available Pagefile: 12722.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Wichtiges) (Fixed) (Total:934.7 GB) (Free:324.48 GB) NTFS
Drive d: (Sonstiges) (Fixed) (Total:439.45 GB) (Free:384.55 GB) NTFS
Drive e: (Spiele) (Fixed) (Total:488.77 GB) (Free:318.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 62E70C02)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=934.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=439.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=488.8 GB) - (Type=OF Extended)

==================== End Of Log ============================

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014
Ran by User (administrator) on USER-PC on 05-11-2014 17:45:41
Running from C:\Users\User\Downloads
Loaded Profile: User (Available profiles: User & Mcx1-USER-PC)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Adobe Systems Incorporated) D:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard Backup\BullGuardUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
(Apple Inc.) E:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5264016 2012-08-16] (VIA)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => E:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$2dba11519d2d2773c1a02a0a15f84fb5\n. ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Run: [] => [X]
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Run: [Duden Korrektor SysTray] => H:\Duden\Duden Korrektor\DKTray.exe
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-07] (Apple Inc.)
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-08-15] (Apple Inc.)
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\MountPoints2: {4764f2b2-b2bd-11e0-bba5-806e6f6e6963} - F:\Autorun.EXE
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\MountPoints2: {efe9023c-b471-11e0-a1d0-1078d2d0165d} - H:\pushinst.exe
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION!
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outlook 2013.lnk
ShortcutTarget: Outlook 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\outlook.exe (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: 196.201.217.49:4009
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7FFB65557947CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM-x32 - {22F825A7-7BEF-4E56-BD39-D50C6C41813B} URL = hxxp://startsear.ch/?aff=1&q={searchTerms}
SearchScopes: HKCU - DefaultScope {2FE3ECC2-A0D0-496F-8C0F-FE851CC3773F} URL = hxxp://startsear.ch/?aff=1&src=sp&cf=f141b75c-cb47-11e0-a93c-001c4afba29d&q={searchTerms}
SearchScopes: HKCU - {1C5D3042-D942-47C6-A3AE-D4EFA31121D6} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=d8de9cbb-d5cf-47cd-9011-257a2e4445b0&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {22F825A7-7BEF-4E56-BD39-D50C6C41813B} URL = hxxp://startsear.ch/?aff=1&q={searchTerms}
SearchScopes: HKCU - {2FE3ECC2-A0D0-496F-8C0F-FE851CC3773F} URL = hxxp://startsear.ch/?aff=1&src=sp&cf=f141b75c-cb47-11e0-a93c-001c4afba29d&q={searchTerms}
SearchScopes: HKCU - {4423E8D1-AF5C-446A-813F-DE1734A4CB1D} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=d8de9cbb-d5cf-47cd-9011-257a2e4445b0&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {633FF6FE-FCB9-4D58-B1A1-284F2D649A6A} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=d8de9cbb-d5cf-47cd-9011-257a2e4445b0&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {95389EF9-FD35-4128-BA79-4FE66D83DD4B} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=d8de9cbb-d5cf-47cd-9011-257a2e4445b0&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {9D6E6DE5-4A21-4740-B9B2-2EE47B3FC80F} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=d8de9cbb-d5cf-47cd-9011-257a2e4445b0&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {BEAD097E-82B4-406F-87BF-F04ED59E4CEE} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=d8de9cbb-d5cf-47cd-9011-257a2e4445b0&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {D705FD54-9538-4E3F-AC16-F1D423778352} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=MYC-ST&o=102869&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=5J&apn_dtid=YYYYYYYYDE&apn_uid=ba260eef-dcd6-4dac-a4c5-d9e9bb2293b6&apn_sauid=0C7BD111-DF94-403D-BC35-6A422C38F3BD
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> H:\Java\bin\ssv.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> H:\Java\bin\jp2ssv.dll No File
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: WebSpeechBHO Class -> {83A30C59-3A50-49E6-9DAF-4923C4EA3C23} -> C:\Program Files (x86)\Common Files\WebSpeech.4.0\LgxIEBar.dll (G DATA Software AG)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - No File
Toolbar: HKLM-x32 - No Name - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - No File
DPF: HKLM {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc64.cab
DPF: HKLM {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex64-2.2.6.0.cab
DPF: HKLM {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///J:/components/hidinputmonitorx.ocx
DPF: HKLM-x32 {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///J:/components/A9.ocx
DPF: HKLM-x32 {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///J:/components/wmvhdrating.ocx
Handler: htap - {83EC570E-9FFA-11D2-9559-006008594011} - No File
Handler: htsportal - {08C89E55-0655-4442-AFD5-4E526D52CEB9} - No File
Handler-x32: htap - {83EC570E-9FFA-11D2-9559-006008594011} - No File
Handler-x32: htsportal - {08C89E55-0655-4442-AFD5-4E526D52CEB9} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2BD76A31-CBAD-4DC9-9160-8857EA0FA56B}: [NameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> H:\Java\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> H:\Java\bin\plugin2\npjp2.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @hogrefe.de/nphtspse,version=1.15 -> C:\Program Files (x86)\Hogrefe\Player\4\Bin\nphtspse.dll No File
FF Plugin-x32: @hogrefe.de/nphtspst,version=1.15 -> C:\Program Files (x86)\Hogrefe\Player\4\Bin\nphtspst.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF Plugin HKCU: electronicarts.com/GameFacePlugin -> C:\Users\User\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-12-26]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: No Name - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-01-29]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - D:\Program Files (x86)\Steganos Password Manager 12\spmplugin3
FF HKCU\...\Firefox\Extensions: [finder@meingutscheincode.de] - C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox
FF HKCU\...\Thunderbird\Extensions: [{380AE6CB-09B9-4373-B360-D01C2462A6E7}] - C:\Program Files\BullGuard Ltd\BullGuard Backup\files32\backup\thunderbirdbkplugin
FF Extension: BullGuard Backup - C:\Program Files\BullGuard Ltd\BullGuard Backup\files32\backup\thunderbirdbkplugin [2014-02-20]

Chrome:
=======
CHR HomePage: Default ->
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-31]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-31]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-31]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-31]
CHR Extension: (Avira Browser Safety) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-07]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Bitdefender QuickScan) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-11-05]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-31]
CHR HKLM-x32\...\Chrome\Extension: [jgfpelakfkbbkkdchaaaknckhoadkcbo] - C:\Program Files (x86)\Mein Gutscheincode Finder\Chrome\chrome-extension.crx []
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor7.0; D:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [169312 2008-09-16] (Adobe Systems Incorporated)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-18] (Avira Operations GmbH & Co. KG)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
S3 BgRaSvc; C:\Program Files\BullGuard Ltd\BullGuard Backup\Support\BgRaSvc.exe [161112 2014-05-19] (BullGuard Ltd.)
R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard Backup\BsMain.dll [269656 2014-05-19] (BullGuard Ltd.)
R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard Backup\BullGuardUpdate.exe [409944 2014-02-20] (BullGuard Ltd.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-07-24] (Macrovision Europe Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 HPSLPSVC; C:\Users\User\AppData\Local\Temp\7zS59A8\hpslpsvc64.dll [1039360 2011-08-23] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-03] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2005-01-31] (Ulead Systems, Inc.) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-14] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 AFS; C:\Windows\SysWow64\Drivers\AFS.sys [77004 2011-12-05] (Oak Technology Inc.) [File not signed]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 SaiH075C; C:\Windows\System32\DRIVERS\SaiH075C.sys [326784 2006-07-27] (Saitek)
S3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [54016 2006-07-27] (Saitek) [File not signed]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-05 17:45 - 2014-11-05 17:46 - 00029301 _____ () C:\Users\User\Downloads\FRST.txt
2014-11-05 17:45 - 2014-11-05 17:45 - 00000000 ____D () C:\FRST
2014-11-05 17:44 - 2014-11-05 17:44 - 02114560 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-11-05 17:43 - 2014-11-05 17:43 - 00000470 _____ () C:\Users\User\Desktop\defogger_disable.log
2014-11-05 17:39 - 2014-11-05 17:41 - 00000470 _____ () C:\Users\User\Downloads\defogger_disable.log
2014-11-05 17:39 - 2014-11-05 17:39 - 00000000 _____ () C:\Users\User\defogger_reenable
2014-11-05 17:38 - 2014-11-05 17:38 - 00050477 _____ () C:\Users\User\Desktop\Defogger.exe
2014-11-05 17:33 - 2014-11-05 17:33 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-05 17:31 - 2014-11-05 17:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\QuickScan
2014-11-05 17:28 - 2014-11-05 17:32 - 131078000 _____ (AVAST Software) C:\Users\User\Downloads\avast_free_antivirus_setup.exe
2014-11-05 17:21 - 2014-11-05 17:21 - 00003124 _____ () C:\Windows\System32\Tasks\{04D0D7CE-7872-481F-860B-7FF6FA53280D}
2014-11-05 15:30 - 2014-11-05 16:22 - 00000000 ____D () C:\ProgramData\Panda Security URL Filtering
2014-11-05 15:30 - 2014-11-05 16:22 - 00000000 ____D () C:\Program Files (x86)\pandasecuritytb
2014-11-05 15:30 - 2014-11-05 16:12 - 00000000 ____D () C:\ProgramData\panda_url_filtering
2014-11-05 15:30 - 2014-11-05 15:30 - 00000000 ____D () C:\Users\User\AppData\Roaming\Panda Security
2014-11-05 15:29 - 2014-11-05 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2014-11-05 15:29 - 2014-11-05 16:22 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-11-05 15:29 - 2014-11-05 15:30 - 00000000 ____D () C:\ProgramData\Panda Security
2014-11-05 14:39 - 2014-11-05 14:41 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2014-11-05 14:39 - 2014-11-05 14:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-05 14:38 - 2014-11-05 14:38 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-11-05 12:45 - 2014-11-05 12:45 - 00000000 ___HD () C:\VTRoot
2014-11-05 12:38 - 2014-11-05 16:25 - 00201448 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-04 23:11 - 2014-11-04 23:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Comodo
2014-11-04 19:29 - 2014-11-04 19:30 - 00000000 ____D () C:\Program Files\COMODO
2014-11-04 19:29 - 2014-11-04 19:29 - 00000000 ____D () C:\Users\User\AppData\Local\Comodo
2014-11-04 19:29 - 2014-11-04 19:29 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-11-04 19:29 - 2014-11-04 19:29 - 00000000 ____D () C:\ProgramData\Adtrustmedia
2014-11-04 19:28 - 2014-11-04 23:11 - 00000000 ____D () C:\ProgramData\Comodo
2014-11-04 13:42 - 2014-11-04 13:43 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
2014-11-04 13:30 - 2014-11-05 13:29 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-11-04 13:24 - 2014-11-05 13:29 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-11-04 01:40 - 2014-11-04 01:40 - 00010460 _____ () C:\Windows\DPINST.LOG
2014-11-04 01:39 - 2011-07-05 13:38 - 00851400 _____ (proDAD GmbH) C:\uninstall.exe
2014-11-04 01:02 - 2014-11-04 01:05 - 121159424 _____ (Microsoft Corporation) C:\Users\User\Downloads\msert.exe
2014-11-03 23:25 - 2014-11-03 23:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
2014-11-02 11:44 - 2014-11-03 15:40 - 00008452 _____ () C:\Windows\PFRO.log
2014-11-02 11:23 - 2014-11-02 11:23 - 00001574 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-02 11:23 - 2014-11-02 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-02 11:22 - 2014-11-02 11:23 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-02 11:22 - 2014-11-02 11:23 - 00000000 ____D () C:\Program Files\iTunes
2014-11-02 11:22 - 2014-11-02 11:22 - 00000000 ____D () C:\Program Files\iPod
2014-11-02 11:20 - 2014-11-02 11:41 - 00000000 ____D () C:\Users\User\Desktop\US INTERN (PICS)
2014-10-18 21:14 - 2014-10-18 21:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-10-18 20:45 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-18 20:45 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-18 20:45 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-18 20:45 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-18 20:45 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-18 20:45 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-18 20:45 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-18 20:44 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-18 20:44 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-18 20:44 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-18 20:44 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-18 20:44 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-18 20:44 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-18 20:44 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-18 20:44 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-18 20:44 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-18 20:44 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-18 20:44 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-18 20:44 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-18 20:44 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-18 20:44 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-18 20:44 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-18 20:44 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-18 20:44 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-18 20:44 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-18 20:44 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-18 20:44 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-18 20:44 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-18 20:44 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-18 20:44 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-18 20:44 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-18 20:44 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-18 20:44 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-18 20:44 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-18 20:44 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-18 20:44 - 2014-09-19 02:25 - 00111616 _____ 
(Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-10-18 20:44 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-10-18 20:44 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-10-18 20:44 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-18 20:44 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-10-18 20:44 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-10-18 20:44 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-10-18 20:44 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-10-18 20:44 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-10-18 20:44 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-18 20:44 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-10-18 20:44 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-18 20:44 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-10-18 20:44 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-10-18 20:44 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-10-18 20:44 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-10-18 20:44 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-10-18 20:44 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-10-18 20:44 - 2014-09-19 
01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-18 20:44 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-10-18 20:44 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-10-18 20:44 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-10-18 20:44 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-18 20:44 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-10-18 20:44 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-10-18 20:44 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-10-18 20:44 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-18 20:44 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-10-18 20:44 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-10-18 20:44 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-10-18 20:44 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-10-18 20:40 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-10-18 20:40 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-10-18 20:40 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-18 20:40 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-10-18 20:40 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-18 20:40 - 2014-07-17 03:07 - 01118720 
_____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-10-18 20:40 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-10-18 20:40 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-18 20:40 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-10-18 20:40 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-18 20:40 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-10-18 20:40 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-10-18 20:40 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2014-10-18 20:40 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-18 20:40 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-10-18 20:40 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2014-10-18 20:40 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-10-18 20:40 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-10-18 20:40 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-18 20:40 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-10-18 20:39 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-18 20:39 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-10-18 20:28 - 2014-10-18 20:28 - 00001146 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-10-10 12:50 - 2014-11-05 17:17 - 00002825 _____ () C:\Windows\setupact.log 2014-10-10 
12:50 - 2014-10-10 12:50 - 00000000 _____ () C:\Windows\setuperr.log 2014-10-10 12:49 - 2014-11-02 10:18 - 05235032 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-08 21:06 - 2014-10-08 21:06 - 01375089 _____ () C:\Users\User\Downloads\adwcleaner_3.311.exe 2014-10-08 20:51 - 2010-05-13 17:53 - 00001204 _____ () C:\Windows\system32\Drivers\etc\hosts.20141008-215141.backup 2014-10-08 14:55 - 2014-10-08 14:55 - 00000000 ____D () C:\Users\User\AppData\Roaming\Hogrefe Verlag GmbH & Co. KG Göttingen 2014-10-08 14:54 - 2014-10-08 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hogrefe TestSystem Player 1.15 2014-10-08 14:54 - 2014-10-08 14:56 - 00000000 ____D () C:\Users\Public\Documents\Hogrefe 2014-10-08 14:54 - 2014-10-08 14:54 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin 2014-10-08 14:54 - 2014-10-08 14:54 - 00000000 ____D () C:\ProgramData\Hogrefe 2014-10-08 14:53 - 2014-10-08 14:56 - 00000000 ____D () C:\Users\User\AppData\Roaming\Hogrefe 2014-10-08 14:52 - 2014-10-08 14:53 - 28105480 _____ (Hogrefe Verlag Göttingen) C:\Users\User\Downloads\hts4player4.5.1434.exe 2014-10-06 16:22 - 2014-10-06 16:38 - 00000000 ____D () C:\Users\User\AppData\Roaming\EncryptStick ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-11-05 17:27 - 2011-07-23 23:04 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-05 17:26 - 2009-07-14 05:45 - 00026304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-05 17:26 - 2009-07-14 05:45 - 00026304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-05 17:24 - 2009-07-14 18:58 - 00725976 _____ () C:\Windows\system32\perfh007.dat 2014-11-05 17:24 - 2009-07-14 18:58 - 00158600 _____ () C:\Windows\system32\perfc007.dat 2014-11-05 17:24 - 2009-07-14 06:13 - 01681550 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-05 17:22 - 2014-01-19 23:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-11-05 17:22 - 2014-01-19 23:15 - 00000000 ____D () C:\ProgramData\Avira 2014-11-05 17:22 - 2014-01-19 23:15 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-11-05 17:22 - 2013-12-09 17:50 - 00000000 ____D () C:\ProgramData\Package Cache 2014-11-05 17:22 - 2011-07-20 11:49 - 01431455 _____ () C:\Windows\WindowsUpdate.log 2014-11-05 17:19 - 2014-09-19 22:01 - 00000000 ___RD () C:\Users\User\iCloudDrive 2014-11-05 17:19 - 2014-03-03 14:31 - 00000000 ____D () C:\Users\User\Documents\Outlook-Dateien 2014-11-05 17:19 - 2011-08-08 19:28 - 00000000 ___RD () C:\Users\User\Dropbox 2014-11-05 17:19 - 2011-08-08 19:26 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox 2014-11-05 17:19 - 2011-07-23 23:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-05 17:17 - 2012-07-25 15:21 - 00000336 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job 2014-11-05 17:16 - 2011-07-20 12:04 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-11-05 17:16 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-05 17:15 - 2013-10-23 18:52 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps 2014-11-05 17:01 - 2009-07-14 05:45 - 00021504 
_____ () C:\Windows\system32\umstartup.etl 2014-11-05 16:51 - 2012-04-03 08:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-05 16:32 - 2012-04-03 08:45 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-11-05 16:32 - 2012-04-03 08:45 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-11-05 16:32 - 2011-07-22 19:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-05 16:31 - 2011-07-22 19:13 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe 2014-11-05 16:22 - 2014-09-01 17:12 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-11-05 16:22 - 2014-03-12 20:43 - 00000000 ____D () C:\ProgramData\Duden 2014-11-05 16:22 - 2014-02-20 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FILEminimizer Pictures 3.0 2014-11-05 16:22 - 2012-07-08 20:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameShadow 2014-11-05 16:22 - 2012-06-26 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zattoo4 2014-11-05 16:22 - 2012-01-29 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus 2014-11-05 16:22 - 2012-01-08 16:40 - 00000000 ____D () C:\Users\Mcx1-USER-PC 2014-11-05 16:22 - 2011-08-07 14:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast 2014-11-05 16:22 - 2011-07-20 15:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc 2014-11-05 16:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-11-05 16:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration 2014-11-05 16:21 - 2014-03-12 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duden 2014-11-05 16:21 - 2012-05-29 06:03 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2014-11-05 16:21 - 2012-01-29 13:50 - 00000000 ____D () C:\Program 
Files\DivX 2014-11-05 16:21 - 2012-01-29 13:49 - 00000000 ____D () C:\Program Files (x86)\DivX 2014-11-05 16:21 - 2012-01-29 13:48 - 00000000 ____D () C:\ProgramData\DivX 2014-11-04 23:36 - 2014-09-01 17:02 - 00000000 ____D () C:\AdwCleaner 2014-11-04 01:45 - 2012-12-29 21:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\DivX 2014-11-04 01:39 - 2013-05-26 14:42 - 00000000 ____D () C:\Program Files\CCleaner 2014-11-04 01:39 - 2011-07-20 15:16 - 00000000 ____D () C:\Users\User\AppData\Local\Google 2014-11-04 01:39 - 2011-07-20 15:16 - 00000000 ____D () C:\Program Files (x86)\Google 2014-11-04 01:34 - 2014-09-01 09:56 - 00000000 ____D () C:\Windows\pss 2014-11-04 01:23 - 2012-01-14 23:29 - 00000000 ____D () C:\Users\User\AppData\Roaming\Apple Computer 2014-11-04 01:23 - 2012-01-14 23:29 - 00000000 ____D () C:\Users\User\AppData\Local\Apple Computer 2014-11-04 01:11 - 2013-01-02 23:44 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000UA.job 2014-11-02 13:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-11-02 11:52 - 2013-01-02 16:23 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F5380F5B-14A5-4785-BB60-BD2CC61FFFEF} 2014-11-02 11:49 - 2013-02-14 12:22 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-11-02 11:23 - 2013-09-20 16:41 - 00054156 ____H () C:\Windows\QTFont.qfn 2014-11-02 11:22 - 2014-09-19 18:31 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-11-02 11:22 - 2012-01-14 23:27 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-11-02 11:11 - 2013-01-02 23:44 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000Core.job 2014-11-02 11:06 - 2013-01-02 23:44 - 00004084 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000UA 2014-11-02 11:06 - 2013-01-02 23:44 - 00003688 _____ () 
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000Core
2014-11-02 10:22 - 2011-07-23 23:04 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-02 10:21 - 2011-07-23 23:04 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-02 10:15 - 2014-05-06 13:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-18 21:14 - 2013-08-15 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-18 21:07 - 2011-07-20 12:55 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-18 20:23 - 2014-02-18 20:19 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-18 20:23 - 2014-01-19 23:15 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-18 20:23 - 2014-01-19 23:15 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-09 17:04 - 2012-05-29 01:01 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-10-09 16:19 - 2011-07-24 18:50 - 00001456 _____ () C:\Users\User\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2014-10-08 16:26 - 2014-07-21 19:43 - 07551668 _____ () C:\Users\User\Desktop\Projekt China.MVP
2014-10-07 22:23 - 2011-08-03 12:59 - 00000000 ____D () C:\Users\User\AppData\Roaming\TS3Client
2014-10-06 17:12 - 2011-07-23 16:13 - 00000000 ____D () C:\Users\User\Pascal

ZeroAccess: C:\$Recycle.Bin\S-1-5-21-2771076119-1783207638-1657993630-1000\$2dba11519d2d2773c1a02a0a15f84fb5
ZeroAccess: C:\$Recycle.Bin\S-1-5-18\$2dba11519d2d2773c1a02a0a15f84fb5

Files to move or delete:
====================
C:\ProgramData\dsgsdgdsgdsgw.pad
C:\Users\User\hpothb07.dat

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9dtq2j.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-05 14:11

==================== End Of Log ============================