| |
| |||||||
Log-Analyse und Auswertung: Windows 8.1: Continue Live InstallationWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
18.11.2014, 12:46
| #1 |
| |  Windows 8.1: Continue Live Installation Hallo zusammen, ich habe wohl vor einiger Zeit unbedacht etwas installiert. Seitdem öffnet sich etwa bei jedem zweiten Systemstart diese Live Installation. Ich weiß leider nicht, wie ich das entfernen kann und hoffe ihr könnt mir dabei helfen. Die Schritte 1 und 2 habe ich schon unternommen, Schritt 3 (GMER) kann ich leider nicht ausführen. Hier kommt folgende Meldung: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. Hier die entsprechenden Files: FRST.txt: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-11-2014
Ran by felix_000 (administrator) on FELIXTHURMPC on 18-11-2014 12:32:22
Running from C:\Users\felix_000\Desktop
Loaded Profile: felix_000 (Available profiles: felix_000)
Platform: Windows 8.1 (X64) OS Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
() C:\Users\felix_000\AppData\Roaming\VOPackage\VOsrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Dell Inc.) C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
() C:\Program Files (x86)\ownCloud\owncloud.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Dropbox, Inc.) C:\Users\felix_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\winword.exe
(Swiss Academic Software) C:\Program Files (x86)\Citavi 4\bin\Citavi.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [208424 2013-10-17] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [132736 2013-09-05] ( (Atheros Communications))
HKU\S-1-5-21-26897021-869315037-3891993983-1001\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [17661809 2014-10-22] ()
HKU\S-1-5-21-26897021-869315037-3891993983-1001\...\MountPoints2: G - "G:\setup\rsrc\Autorun.exe"
IFEO\deliverytray.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
Startup: C:\Users\felix_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\felix_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-26897021-869315037-3891993983-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1410083023&from=cor&uid=WDCXWD10EZEX-75M2NA0_WD-WCC3F562921529215&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1410083023&from=cor&uid=WDCXWD10EZEX-75M2NA0_WD-WCC3F562921529215&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1410083023&from=cor&uid=WDCXWD10EZEX-75M2NA0_WD-WCC3F562921529215&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1410083023&from=cor&uid=WDCXWD10EZEX-75M2NA0_WD-WCC3F562921529215&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0943637D-07C7-482E-8BA3-17FC54A83C5D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0943637D-07C7-482E-8BA3-17FC54A83C5D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
FireFox:
========
FF ProfilePath: C:\Users\felix_000\AppData\Roaming\Mozilla\Firefox\Profiles\048c5526.Standard-Benutzer
FF SearchEngineOrder.1: Mysearchdial
FF Homepage: hxxp://www.kicker.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\felix_000\AppData\Roaming\Mozilla\Firefox\Profiles\048c5526.Standard-Benutzer\user.js
FF SearchPlugin: C:\Users\felix_000\AppData\Roaming\Mozilla\Firefox\Profiles\048c5526.Standard-Benutzer\searchplugins\Mysearchdial.xml
FF Extension: Adblock Plus - C:\Users\felix_000\AppData\Roaming\Mozilla\Firefox\Profiles\048c5526.Standard-Benutzer\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-07]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-09-06]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-09-14]
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [312448 2013-09-05] (Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [139328 2014-02-20] (Aviata, Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [152272 2014-09-18] (Dell Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-09-07] (Cherished Technololgy LIMITED)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [49664 2013-10-08] (Haufe-Lexware GmbH & Co. KG) [File not signed]
R2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-15] (Electronic Arts)
R4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 servervo; C:\Users\felix_000\AppData\Roaming\VOPackage\VOsrv.exe [89600 2014-11-14] () [File not signed]
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1924328 2014-09-18] (SoftThinks SAS)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2412344 2014-01-28] (TuneUp Software)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-07] (Fuyu LIMITED) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-16] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-05] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-05-27] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2014-09-19] (Sony Mobile Communications)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-08-28] (TuneUp Software)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R1 {c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64; C:\Windows\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys [61072 2014-09-06] (StdLib)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-18 12:31 - 2014-11-18 12:31 - 00050477 _____ () C:\Users\felix_000\Desktop\Defogger.exe
2014-11-18 12:31 - 2014-11-18 12:31 - 00000480 _____ () C:\Users\felix_000\Desktop\defogger_disable.log
2014-11-18 12:31 - 2014-11-18 12:31 - 00000000 _____ () C:\Users\felix_000\defogger_reenable
2014-11-18 12:27 - 2014-11-18 12:32 - 00018618 _____ () C:\Users\felix_000\Desktop\FRST.txt
2014-11-18 12:27 - 2014-11-18 12:32 - 00000000 ____D () C:\FRST
2014-11-18 12:26 - 2014-11-18 12:26 - 02117120 _____ (Farbar) C:\Users\felix_000\Desktop\FRST64.exe
2014-11-18 10:38 - 2014-11-18 10:38 - 00001147 _____ () C:\Users\felix_000\Desktop\Continue Live Installation.lnk
2014-11-18 07:18 - 2014-11-18 07:18 - 00000000 ___RD () C:\Users\felix_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-11-17 11:29 - 2014-11-17 11:48 - 00000000 ____D () C:\Users\felix_000\Documents\Bewerbungen
2014-11-15 16:45 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-11-15 16:45 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-11-15 16:45 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-11-15 16:45 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-11-15 16:45 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-11-15 16:45 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-11-15 16:45 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-11-15 16:45 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-11-15 16:45 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-11-15 16:45 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-11-15 16:45 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-11-15 16:45 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-11-15 16:45 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-11-15 16:45 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-11-15 16:45 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-11-15 16:45 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-11-15 16:45 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-11-15 16:45 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-11-15 16:45 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-11-15 16:45 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-11-15 16:45 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-11-15 16:45 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-11-15 16:45 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-11-15 16:45 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-11-15 16:45 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-11-15 16:45 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-11-15 16:45 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-11-15 16:45 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-11-15 16:45 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-11-15 16:45 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-11-15 16:45 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-11-15 16:45 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-11-15 16:45 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-11-15 16:45 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-11-15 16:45 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-11-15 16:45 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-11-15 16:45 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-11-15 16:45 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-11-15 16:45 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-11-15 16:45 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-11-15 16:45 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-11-15 16:45 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-11-15 16:45 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-11-15 16:45 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-11-15 16:45 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-11-15 16:45 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-11-15 16:45 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-11-15 16:45 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-11-15 16:45 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-11-15 16:45 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-11-15 16:45 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-11-15 16:45 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-11-15 16:45 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-11-15 16:45 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-11-15 16:45 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-11-15 16:45 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-11-15 16:45 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-11-15 16:45 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-11-15 16:44 - 2014-11-15 16:44 - 00000331 _____ () C:\Windows\game.ini
2014-11-15 16:33 - 2014-11-15 16:33 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-11-15 16:32 - 2014-11-15 17:44 - 00000000 ____D () C:\Users\felix_000\AppData\Roaming\Origin
2014-11-15 16:32 - 2014-11-15 16:33 - 00000000 ____D () C:\Users\felix_000\AppData\Local\Origin
2014-11-15 16:31 - 2014-11-15 17:44 - 00000000 ____D () C:\ProgramData\Origin
2014-11-15 16:31 - 2014-11-15 17:44 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-11-15 16:31 - 2014-11-15 16:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-11-15 16:31 - 2014-11-15 16:31 - 00000989 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-11-15 16:31 - 2014-11-15 16:31 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-11-15 16:30 - 2014-11-15 16:30 - 17101208 _____ (Electronic Arts, Inc.) C:\Users\felix_000\Downloads\OriginThinSetup.exe
2014-11-15 14:57 - 2014-11-15 14:57 - 00000219 _____ () C:\Users\felix_000\Desktop\Counter-Strike Source.url
2014-11-14 11:45 - 2014-11-14 11:45 - 00000000 ____D () C:\Program Files (x86)\predm
2014-11-14 11:43 - 2014-11-14 11:43 - 00003150 _____ () C:\Windows\System32\Tasks\{3012C4D5-FA9A-4B79-8A03-F47C581659F1}
2014-11-14 11:40 - 2014-11-14 11:40 - 00613012 _____ (CMI Limited) C:\Users\felix_000\AppData\Local\nss300A.tmp
2014-11-14 11:40 - 2014-11-14 11:40 - 00002065 _____ () C:\Windows\patsearch.bin
2014-11-14 11:40 - 2014-11-14 11:40 - 00000145 _____ () C:\Users\felix_000\AppData\Local\Citavi Picker Internet Explorer Protocol.txt
2014-11-14 11:40 - 2014-11-14 11:40 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrT_01009.Wdf
2014-11-14 11:37 - 2014-11-14 11:37 - 00628448 _____ (CMI Limited) C:\Users\felix_000\AppData\Local\nsv4B31.tmp
2014-11-14 11:37 - 2014-11-14 11:37 - 00000000 __SHD () C:\Users\felix_000\AppData\Roaming\AnyProtectEx
2014-11-14 10:44 - 2014-11-14 10:44 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-11-14 10:32 - 2014-11-14 10:32 - 00000000 __SHD () C:\Users\felix_000\AppData\Local\EmieBrowserModeList
2014-11-14 10:27 - 2014-11-18 07:17 - 00000388 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-11-14 10:27 - 2014-11-14 10:27 - 00003418 _____ () C:\Windows\System32\Tasks\AmiUpdXp
2014-11-14 10:27 - 2014-11-14 10:27 - 00000000 ____D () C:\Users\felix_000\AppData\Roaming\VOPackage
2014-11-14 10:27 - 2014-11-14 10:27 - 00000000 ____D () C:\Users\felix_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-11-14 10:27 - 2014-11-14 10:27 - 00000000 ____D () C:\Users\felix_000\AppData\Local\28090
2014-11-14 10:26 - 2014-11-14 11:43 - 00000000 ____D () C:\Users\felix_000\AppData\Roaming\InetStat
2014-11-12 13:54 - 2014-10-31 06:28 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 13:54 - 2014-10-31 04:42 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 13:54 - 2014-10-18 10:55 - 00055776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-11-12 13:54 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-11-12 13:54 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-11-12 13:54 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-11-12 13:54 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-11-12 13:54 - 2014-10-18 07:38 - 03557376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-11-12 13:54 - 2014-10-18 07:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-11-12 13:54 - 2014-10-18 07:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-11-12 13:54 - 2014-10-18 07:23 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-11-12 13:54 - 2014-10-18 07:23 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-11-12 13:54 - 2014-10-18 07:21 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-11-12 13:54 - 2014-10-18 07:20 - 01714176 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-11-12 13:54 - 2014-10-18 07:14 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-11-12 13:54 - 2014-10-18 07:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-11-12 13:54 - 2014-10-18 07:12 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-11-12 13:54 - 2014-10-18 07:11 - 00723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-11-12 13:54 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 13:54 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 13:54 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-11-12 13:54 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 13:54 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 13:54 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 13:54 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-11-12 13:54 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-11-12 13:54 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 13:54 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 13:54 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-11-12 13:54 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-11-12 13:54 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2014-11-12 13:54 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-11-12 13:54 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-11-12 13:54 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 13:54 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 13:54 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-11-12 13:54 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-11-12 13:54 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 13:54 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-11-12 13:54 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-11-12 13:54 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-11-12 13:54 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-11-12 13:54 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-11-12 13:54 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 13:54 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-11-12 13:54 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 13:54 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-11-12 13:54 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-11-12 13:54 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-11-12 13:54 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-11-12 13:54 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-11-12 13:54 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2014-11-12 13:54 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2014-11-12 13:53 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-11-12 13:53 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-12 13:53 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-11-12 13:53 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-11-12 13:53 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-12 13:53 - 2014-10-31 06:06 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 13:53 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-12 13:53 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 13:53 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 13:53 - 2014-10-31 06:05 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 13:53 - 2014-10-31 06:05 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-11-12 13:53 - 2014-10-31 06:04 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 13:53 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 13:53 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 13:53 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-11-12 13:53 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 13:53 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2014-11-12 13:53 - 2014-10-31 05:51 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-12 13:53 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 13:53 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 13:53 - 2014-10-31 05:50 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 13:53 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 13:53 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-11-12 13:53 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 13:53 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 13:53 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-11-12 13:53 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-11-12 13:53 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-11-12 13:53 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 13:53 - 2014-10-31 05:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 13:53 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-12 13:53 - 2014-10-31 05:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-11-12 13:53 - 2014-10-31 05:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 13:53 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-11-12 13:53 - 2014-10-31 05:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-11-12 13:53 - 2014-10-31 05:08 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-11-12 13:53 - 2014-10-31 05:06 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 13:53 - 2014-10-31 05:05 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 13:53 - 2014-10-31 05:05 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 13:53 - 2014-10-31 05:03 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 13:53 - 2014-10-31 04:59 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 13:53 - 2014-10-31 04:45 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 13:53 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-11-12 13:53 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-11-12 13:53 - 2014-10-31 04:32 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 13:53 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-11-12 13:53 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-11-12 13:53 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-11-12 13:53 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-11-12 13:53 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-11-12 13:53 - 2014-10-31 04:24 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 13:53 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-11-12 13:53 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 13:53 - 2014-10-31 04:23 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-11-12 13:53 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 13:53 - 2014-10-31 04:22 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 13:53 - 2014-10-31 04:20 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 13:53 - 2014-10-31 04:18 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 13:53 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 13:53 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 13:53 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-11-12 13:53 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 13:53 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2014-11-12 13:53 - 2014-10-31 04:12 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-12 13:53 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 13:53 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 13:53 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-11-12 13:53 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 13:53 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 13:53 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-11-12 13:53 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-11-12 13:53 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-11-12 13:53 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 13:53 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-11-12 13:53 - 2014-10-31 03:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 13:53 - 2014-10-31 03:51 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-11-12 13:53 - 2014-10-31 03:50 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 13:53 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-11-12 13:53 - 2014-10-31 03:46 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 13:53 - 2014-10-31 03:46 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-11-12 13:53 - 2014-10-31 03:42 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-11-12 13:53 - 2014-10-31 03:40 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 13:53 - 2014-10-31 03:40 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 13:53 - 2014-10-31 03:39 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 13:53 - 2014-10-31 03:30 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 13:53 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-11-12 13:53 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-11-12 13:53 - 2014-10-31 03:17 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 13:53 - 2014-10-31 03:13 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 13:53 - 2014-10-31 03:11 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 13:51 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 13:51 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 13:51 - 2014-10-07 07:28 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 13:51 - 2014-10-07 07:27 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 13:51 - 2014-10-07 07:27 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 13:51 - 2014-10-07 07:27 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-11-12 13:51 - 2014-10-07 07:27 - 00108432 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 13:51 - 2014-10-07 04:34 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 13:51 - 2014-10-07 04:34 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 13:51 - 2014-10-07 04:33 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 13:51 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 13:51 - 2014-10-07 02:54 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-11-12 13:51 - 2014-10-07 02:46 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 13:51 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-11-12 13:51 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-11-12 13:51 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-11-12 13:51 - 2014-09-07 23:08 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
2014-11-12 13:51 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-11-12 13:51 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-11-12 13:51 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-11-12 13:51 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-11-12 13:51 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-11-12 13:51 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-11-12 13:51 - 2014-08-31 01:17 - 00148800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-11-12 13:51 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-11-12 13:51 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-11-12 13:51 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2014-11-12 13:51 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2014-11-12 13:51 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-11-12 13:51 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2014-11-12 13:51 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-11-12 13:51 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-11-12 13:51 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-11-12 13:51 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-11-12 13:51 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 13:51 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-11-12 13:51 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-11-12 13:51 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 13:51 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-11-12 13:51 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-11-12 13:51 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2014-11-11 11:41 - 2014-11-15 20:14 - 00000000 ____D () C:\Users\felix_000\AppData\Roaming\TS3Client
2014-11-11 11:41 - 2014-11-11 11:41 - 00000981 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-11-11 11:41 - 2014-11-11 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-11-11 11:41 - 2014-11-11 11:41 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-11-11 11:40 - 2014-11-11 11:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-11 11:32 - 2014-11-11 11:37 - 00000136 _____ () C:\Windows\ODBC.INI
2014-11-11 11:30 - 2014-11-11 11:33 - 30014480 _____ (TeamSpeak Systems GmbH) C:\Users\felix_000\Downloads\TeamSpeak3-Client-win64-3.0.16.exe
2014-11-10 14:48 - 2014-11-10 15:44 - 00003136 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask-Retry
2014-11-01 16:45 - 2014-11-14 11:45 - 00000000 ____D () C:\Users\felix_000\AppData\Local\Deployment
2014-11-01 16:45 - 2014-11-13 14:07 - 00000000 ____D () C:\Users\felix_000\AppData\Local\Apps\2.0
2014-11-01 16:44 - 2014-11-01 16:44 - 00410392 _____ (Logitech) C:\Users\felix_000\Downloads\MyHarmony-App.exe
2014-10-29 19:55 - 2014-10-29 19:55 - 00000219 _____ () C:\Users\felix_000\Desktop\Team Fortress 2.url
2014-10-28 20:37 - 2014-10-28 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-28 20:37 - 2014-10-28 20:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-28 20:37 - 2014-10-28 20:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-28 20:35 - 2014-10-28 20:36 - 13087456 _____ (Microsoft Corporation) C:\Users\felix_000\Downloads\Silverlight_x64.exe
2014-10-27 14:21 - 2014-10-27 14:21 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-27 14:21 - 2014-10-27 14:21 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-27 14:21 - 2014-10-27 14:21 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-27 14:21 - 2014-10-27 14:21 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-27 14:21 - 2014-10-27 14:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-27 14:21 - 2014-10-27 14:21 - 00000000 ____D () C:\Program Files (x86)\Java
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-18 12:32 - 2014-09-10 20:31 - 00000000 ____D () C:\Users\felix_000\ownCloud
2014-11-18 12:31 - 2014-09-06 08:27 - 00000000 ____D () C:\Users\felix_000
2014-11-18 12:29 - 2014-09-09 10:15 - 00000000 ____D () C:\Users\felix_000\AppData\Roaming\Skype
2014-11-18 12:27 - 2014-09-08 10:55 - 00000000 ____D () C:\Users\felix_000\Zwischenspeicher
2014-11-18 12:25 - 2014-09-06 08:47 - 00003592 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-26897021-869315037-3891993983-1001
2014-11-18 12:20 - 2014-09-30 16:01 - 00000000 ____D () C:\Program Files\Unlocker
2014-11-18 12:05 - 2014-09-28 12:22 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-18 12:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2014-11-18 11:11 - 2014-05-27 21:38 - 01699196 _____ () C:\Windows\WindowsUpdate.log
2014-11-18 09:06 - 2014-09-06 19:03 - 00000000 ____D () C:\Users\felix_000\Documents\Citavi 4
2014-11-18 07:22 - 2014-05-27 22:14 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-11-18 07:18 - 2014-09-06 20:22 - 00000000 ___RD () C:\Users\felix_000\Dropbox
2014-11-18 07:18 - 2014-09-06 20:19 - 00000000 ____D () C:\Users\felix_000\AppData\Roaming\Dropbox
2014-11-15 22:50 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-15 16:54 - 2014-09-07 10:43 - 00000000 ____D () C:\Users\felix_000\AppData\Local\CrashDumps
2014-11-15 16:49 - 2014-05-27 21:36 - 00640822 _____ () C:\Windows\PFRO.log
2014-11-15 16:48 - 2013-08-22 14:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-11-15 16:46 - 2014-09-06 08:29 - 00000000 ____D () C:\Users\felix_000\AppData\Local\VirtualStore
2014-11-15 16:45 - 2014-09-29 18:27 - 00191815 _____ () C:\Windows\DirectX.log
2014-11-15 16:44 - 2014-05-27 22:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-15 15:04 - 2014-09-06 20:22 - 00001087 _____ () C:\Users\felix_000\Desktop\Dropbox.lnk
2014-11-15 15:04 - 2014-09-06 20:20 - 00000000 ____D () C:\Users\felix_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-15 14:57 - 2014-09-06 08:31 - 00000000 ____D () C:\Users\felix_000\Documents\Bluetooth Folder
2014-11-15 14:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-15 14:01 - 2014-09-14 19:00 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-11-15 14:01 - 2014-09-14 19:00 - 00001096 _____ () C:\Windows\LkmdfCoInst.log
2014-11-14 11:46 - 2014-09-19 22:52 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-11-14 11:46 - 2014-09-19 22:52 - 00000000 ____D () C:\Program Files (x86)\Sony Mobile
2014-11-14 11:40 - 2013-08-22 15:46 - 00019619 _____ () C:\Windows\setupact.log
2014-11-14 10:23 - 2014-05-27 21:51 - 01780340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-14 10:23 - 2013-09-03 14:39 - 00763218 _____ () C:\Windows\system32\perfh007.dat
2014-11-14 10:23 - 2013-09-03 14:39 - 00159364 _____ () C:\Windows\system32\perfc007.dat
2014-11-14 09:06 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-11-13 17:05 - 2014-09-07 10:48 - 00000000 ____D () C:\Users\felix_000\AppData\Local\JDownloader v2.0
2014-11-13 13:29 - 2013-08-22 15:44 - 00504704 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 13:28 - 2014-09-06 08:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-12 22:56 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2014-11-12 22:56 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-11-12 22:56 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-12 22:56 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-12 22:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-12 22:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-12 14:01 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-11-12 14:00 - 2014-09-06 20:33 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 13:58 - 2014-09-06 20:33 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 11:32 - 2014-09-06 08:49 - 00000000 ____D () C:\ProgramData\softthinks
2014-11-10 16:03 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Recovery
2014-11-06 14:08 - 2014-09-06 20:45 - 00000000 ____D () C:\Users\felix_000\AppData\Local\Adobe
2014-10-30 12:25 - 2014-09-06 20:29 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-30 01:55 - 2013-08-22 16:38 - 00714208 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-30 01:55 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-27 14:21 - 2014-09-23 16:40 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-26 12:06 - 2014-09-10 15:02 - 00000000 ____D () C:\Users\felix_000\AppData\Local\ownCloud
2014-10-26 12:06 - 2014-09-10 15:01 - 00001029 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ownCloud.lnk
2014-10-26 12:06 - 2014-09-10 15:01 - 00001017 _____ () C:\Users\felix_000\Desktop\ownCloud.lnk
2014-10-26 12:06 - 2014-09-10 15:00 - 00000000 ____D () C:\Program Files (x86)\ownCloud
Some content of TEMP:
====================
C:\Users\felix_000\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3fvthj.dll
C:\Users\felix_000\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpasoy1v.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-18 07:28
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-11-2014
Ran by felix_000 at 2014-11-18 12:32:38
Running from C:\Users\felix_000\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.4.0.28 - Swiss Academic Software)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.63 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{764E68FE-C2F9-410E-90A8-CE7F8B9A36E2}) (Version: 2.03.0204 - Aviata Inc.)
Dell Update (HKLM-x32\...\{66F942CD-BCA2-4D4C-84B8-8B6B09F9CE5D}) (Version: 1.2.1004.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Dropbox (HKU\S-1-5-21-26897021-869315037-3891993983-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
DSC/AA Factory Installer (Version: 3.5.6426.22 - PC-Doctor, Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Lexware buchhalter 2014 (HKLM-x32\...\{9bbfae8a-d4fd-49c3-9a71-c92af2e04f20}) (Version: 19.50.0.231 - Haufe-Lexware GmbH & Co.KG)
Lexware buchhalter 2014 (x32 Version: 19.50.00.0231 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Elster (HKLM-x32\...\{9CCD2A54-3AC9-4675-82A9-71BFC32004C4}) (Version: 14.04.00.0014 - Haufe-Lexware GmbH & Co.KG)
Lexware Info Service (x32 Version: 4.01.00.0077 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Installations Dienst (x32 Version: 3.01.00.0011 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware online banking (HKLM-x32\...\{7F603892-89C9-4EC4-9236-7AD4A798EA41}) (Version: 21.00.00.0039 - Haufe-Lexware GmbH & Co.KG)
Lexware PDF-Export 5 (x32 Version: 5.00.00.0005 - Haufe-Lexware GmbH & Co.KG) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0 - Mozilla)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
My Dell Client Framework (HKLM-x32\...\InstallShield_{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}) (Version: 1.0.0.3 - Dell)
My Dell Client Framework (x32 Version: 1.0.0.3 - Dell) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.5.1.571 - Electronic Arts, Inc.)
ownCloud (HKLM-x32\...\ownCloud) (Version: 1.6.4.4041 - ownCloud)
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.304 - Qualcomm Atheros Communications)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7016 - Realtek Semiconductor Corp.)
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SmartTools Publishing • Word AutoBackup (HKU\S-1-5-21-26897021-869315037-3891993983-1001\...\SmartToolsWordAutoBackup) (Version: 4.00 - SmartTools Publishing)
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.4.2 - ) <==== ATTENTION
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.4000.245 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WindowsMangerProtect20.0.0.722 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.722 - WindowsProtect LIMITED) <==== ATTENTION
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\felix_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{05949862-EBA3-32DC-ADC2-3B14DED83996}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{161D3CB0-5323-343F-9754-70507839BC8F}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{17261615-F5D1-33D8-BC3E-1B981C7E04DD}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{32201616-DCA3-382E-821E-FEEEABB4CC9D}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{3A26E370-A870-386D-955E-44358C64235E}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{3B3F7415-A79C-31B0-9E30-9F3DD20C7BA4}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{4A3195AD-FCD3-332A-9D64-6F56688019F7}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{4D8FD7E3-F978-35BA-9AC4-1638290938AE}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{56350127-08BD-350C-9BA4-CF8B170CF102}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{7D69C8EE-0023-3DF4-9E51-285411DDC10C}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{8263AA5B-21D5-4782-A047-3E4C1B269C89}\InprocServer32 -> C:\Program Files (x86)\Word Auto Backup\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{92925B38-0F99-3D07-B719-58AB14C1E3E5}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{A1228E3C-C1AD-30BB-8CF2-886CDC6540D6}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{CE93CC8E-9079-3DD9-B1A1-DA2F3D7F3435}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{D72C7049-F26F-3108-A35E-C82672A20523}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\felix_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\felix_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\felix_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\felix_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\felix_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\felix_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\felix_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-26897021-869315037-3891993983-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\felix_000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
27-10-2014 13:20:45 Installed Java 7 Update 71
05-11-2014 10:12:36 Scheduled Checkpoint
12-11-2014 12:56:35 Windows Update
15-11-2014 15:38:33 Installiert Call of Duty(R) 4 - Modern Warfare(TM)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {03C96EA9-8EB4-44D4-92D2-00EBF6076BAA} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
Task: {1812B862-F0BF-483D-B711-480E221EB092} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-09-25] (Microsoft Corporation)
Task: {185DC927-8CD1-4A12-8A9A-E76B0F9AD1C2} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-02-20] (Aviata Inc)
Task: {243D14CC-5D53-4BF5-8BB8-8AD8D864DC0B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-11-12] (Microsoft Corporation)
Task: {2EBB79E5-4B0D-42E2-ACA2-0A25159598D2} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {54187D37-5116-4D47-8BE7-17159C885C18} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2014-01-28] (TuneUp Software)
Task: {767F845B-06DC-41B0-A6A1-A46B04489986} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-09-25] (Microsoft Corporation)
Task: {7E0272E3-A4C0-4E3A-B15C-9704D282C76C} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {952ED34E-6013-45D6-A618-211B0B33B846} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {BC520952-4280-469B-ABFA-74437BFB5F11} - System32\Tasks\AmiUpdXp => C:\Users\felix_000\AppData\Local\28090\Updater.exe [2014-11-14] () <==== ATTENTION
Task: {D13A6F67-67FC-43DF-9AD9-998819DD7FBE} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-05] (CyberLink)
Task: {D954F3E6-512F-4CA1-82C5-CF7EBCC8C2B4} - System32\Tasks\Lexware-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [2013-10-17] (Haufe-Lexware GmbH & Co. KG)
Task: {E3C0779F-D0D9-4237-80BA-F59440C35976} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {F032A1DB-37C4-4917-9BA1-543E83CEDAF6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {FDCB6740-9E58-4610-900D-389892C8EB63} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26] (Oracle Corporation)
Task: {FDEF43CE-CFC2-4C14-A450-6610DCCC4098} - System32\Tasks\PCDoctorBackgroundMonitorTask-Retry => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\felix_000\AppData\Local\28090\Updater.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2014-09-07 14:24 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-11-14 10:27 - 2014-11-14 10:27 - 00089600 _____ () C:\Users\felix_000\AppData\Roaming\VOPackage\VOsrv.exe
2014-01-28 09:37 - 2014-01-28 09:37 - 00741176 _____ () C:\Program Files (x86)\TuneUp Utilities 2013\avgrepliba.dll
2014-01-10 22:53 - 2014-01-10 22:53 - 00016384 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Interfaces.dll
2014-01-10 22:53 - 2014-01-10 22:53 - 00081408 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Objects.dll
2014-01-10 22:53 - 2014-01-10 22:53 - 00815616 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Resources.dll
2014-01-10 23:24 - 2014-01-10 23:24 - 00052736 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.Client.Pulse.Agent.Plugins.SelfUpdate.dll
2014-01-10 23:24 - 2014-01-10 23:24 - 00019968 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.Client.Pulse.Agent.Common.dll
2014-05-27 21:38 - 2014-01-08 01:48 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2013-09-05 07:20 - 2013-09-05 07:20 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-05 07:17 - 2013-09-05 07:17 - 00086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-05 07:24 - 2013-09-05 07:24 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
2014-10-22 11:04 - 2014-10-22 11:04 - 17661809 _____ () C:\Program Files (x86)\ownCloud\owncloud.exe
2014-09-18 20:37 - 2014-07-03 04:55 - 00487144 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2014-09-10 21:14 - 2014-09-10 21:14 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-27 22:04 - 2013-12-09 23:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-09-22 02:45 - 2014-09-22 02:45 - 00095790 _____ () C:\Program Files (x86)\ownCloud\libgcc_s_sjlj-1.dll
2014-09-22 02:45 - 2014-09-22 02:45 - 00847430 _____ () C:\Program Files (x86)\ownCloud\libstdc++-6.dll
2014-10-22 11:03 - 2014-10-22 11:03 - 17444910 _____ () C:\Program Files (x86)\ownCloud\libowncloudsync.dll
2014-09-22 01:10 - 2014-09-22 01:10 - 02164003 _____ () C:\Program Files (x86)\ownCloud\icui18n53.dll
2014-09-22 01:10 - 2014-09-22 01:10 - 01288240 _____ () C:\Program Files (x86)\ownCloud\icuuc53.dll
2014-09-22 01:16 - 2014-09-22 01:16 - 00144533 _____ () C:\Program Files (x86)\ownCloud\libpcre16-0.dll
2014-09-21 23:32 - 2014-09-21 23:32 - 00084012 _____ () C:\Program Files (x86)\ownCloud\zlib1.dll
2014-09-22 01:15 - 2014-09-22 01:15 - 01345629 _____ () C:\Program Files (x86)\ownCloud\libGLESv2.dll
2014-09-22 00:58 - 2014-09-22 00:58 - 00203567 _____ () C:\Program Files (x86)\ownCloud\libpng16-16.dll
2014-10-22 11:03 - 2014-10-22 11:03 - 00778071 _____ () C:\Program Files (x86)\ownCloud\libocsync.dll
2014-09-24 09:23 - 2014-09-24 09:23 - 00158048 _____ () C:\Program Files (x86)\ownCloud\libneon-27.dll
2014-09-24 08:38 - 2014-09-24 08:38 - 00052119 _____ () C:\Program Files (x86)\ownCloud\libqt5keychain.dll
2014-09-22 01:10 - 2014-09-22 01:10 - 21540519 _____ () C:\Program Files (x86)\ownCloud\icudata53.dll
2014-09-22 01:13 - 2014-09-22 01:13 - 00646511 _____ () C:\Program Files (x86)\ownCloud\libsqlite3-0.dll
2014-09-22 02:13 - 2014-09-22 02:13 - 00172695 _____ () C:\Program Files (x86)\ownCloud\libproxy.dll
2014-09-22 01:05 - 2014-09-22 01:05 - 01150984 _____ () C:\Program Files (x86)\ownCloud\libxml2-2.dll
2014-09-22 02:11 - 2014-09-22 02:11 - 00042626 _____ () C:\Program Files (x86)\ownCloud\libmodman.dll
2014-09-22 01:15 - 2014-09-22 01:15 - 00150916 _____ () C:\Program Files (x86)\ownCloud\libEGL.dll
2014-09-22 01:08 - 2014-09-22 01:08 - 00197062 _____ () C:\Program Files (x86)\ownCloud\libjpeg-8.dll
2014-09-22 02:28 - 2014-09-22 02:28 - 00247028 _____ () C:\Program Files (x86)\ownCloud\libwebp-4.dll
2014-09-22 03:24 - 2014-09-22 03:24 - 00228655 _____ () C:\Program Files (x86)\ownCloud\libxslt-1.dll
2014-09-22 11:25 - 2014-09-22 11:25 - 00702136 _____ () C:\Program Files (x86)\ownCloud\platforms\qwindows.dll
2014-09-22 11:25 - 2014-09-22 11:25 - 00032568 _____ () C:\Program Files (x86)\ownCloud\imageformats\qgif.dll
2014-09-22 11:25 - 2014-09-22 11:25 - 00035173 _____ () C:\Program Files (x86)\ownCloud\imageformats\qico.dll
2014-09-22 11:25 - 2014-09-22 11:25 - 00048436 _____ () C:\Program Files (x86)\ownCloud\imageformats\qjpeg.dll
2014-09-22 11:25 - 2014-09-22 11:25 - 00061320 _____ () C:\Program Files (x86)\ownCloud\sqldrivers\qsqlite.dll
2014-11-18 07:17 - 2014-11-18 07:17 - 00043008 _____ () c:\Users\felix_000\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpasoy1v.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\felix_000\AppData\Roaming\Dropbox\bin\libcef.dll
2014-03-31 20:35 - 2014-03-31 20:35 - 00282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll
2014-05-27 22:01 - 2013-03-05 04:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-05 19:41 - 2013-03-05 19:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-09-18 20:37 - 2014-07-31 00:37 - 01906464 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2014-05-27 22:14 - 2012-11-26 06:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2014-09-18 20:37 - 2012-11-26 06:19 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
2014-09-28 12:35 - 2014-11-11 19:48 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-28 12:35 - 2014-11-11 19:48 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-09-28 12:35 - 2014-11-11 19:48 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-09-28 12:36 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-09-28 12:36 - 2014-11-12 02:04 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2014-09-28 12:35 - 2014-11-11 19:48 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-28 12:35 - 2014-11-11 19:48 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-09-28 12:35 - 2014-11-12 02:04 - 00690880 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-09-28 12:35 - 2014-11-11 19:48 - 34589888 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-09-20 13:33 - 2014-09-20 13:34 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2012-04-25 03:16 - 2014-02-24 15:51 - 00526464 _____ () C:\Program Files (x86)\Word Auto Backup\adxloader.dll
2013-09-04 03:18 - 2011-05-07 01:53 - 00190836 _____ () C:\Program Files (x86)\Word Auto Backup\STP_FuncLib.dll
2014-09-06 19:02 - 2014-06-13 11:26 - 03602944 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\Citavi Picker\CitaviPicker.api
2014-05-08 14:48 - 2014-05-08 14:48 - 14588632 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\NPSWF32.dll
2012-09-23 19:43 - 2012-09-23 19:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
2014-11-11 11:40 - 2014-11-11 11:40 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\felix_000\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "LexwareInfoService"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "mbot_de_246"
HKLM\...\StartupApproved\Run32: => "ConvertAd"
========================= Accounts: ==========================
Administrator (S-1-5-21-26897021-869315037-3891993983-500 - Administrator - Disabled)
felix_000 (S-1-5-21-26897021-869315037-3891993983-1001 - Administrator - Enabled) => C:\Users\felix_000
Guest (S-1-5-21-26897021-869315037-3891993983-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-26897021-869315037-3891993983-1003 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/18/2014 07:31:35 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.
Error: (11/18/2014 07:30:24 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.
Error: (11/15/2014 07:16:30 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.
Error: (11/15/2014 04:53:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iw3mp.exe, Version: 0.0.0.0, Zeitstempel: 0x47043f08
Name des fehlerhaften Moduls: iw3mp.exe, Version: 0.0.0.0, Zeitstempel: 0x47043f08
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00276555
ID des fehlerhaften Prozesses: 0x16e4
Startzeit der fehlerhaften Anwendung: 0xiw3mp.exe0
Pfad der fehlerhaften Anwendung: iw3mp.exe1
Pfad des fehlerhaften Moduls: iw3mp.exe2
Berichtskennung: iw3mp.exe3
Vollständiger Name des fehlerhaften Pakets: iw3mp.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: iw3mp.exe5
Error: (11/15/2014 04:51:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iw3mp.exe, Version: 0.0.0.0, Zeitstempel: 0x47043f08
Name des fehlerhaften Moduls: iw3mp.exe, Version: 0.0.0.0, Zeitstempel: 0x47043f08
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00276555
ID des fehlerhaften Prozesses: 0x574
Startzeit der fehlerhaften Anwendung: 0xiw3mp.exe0
Pfad der fehlerhaften Anwendung: iw3mp.exe1
Pfad des fehlerhaften Moduls: iw3mp.exe2
Berichtskennung: iw3mp.exe3
Vollständiger Name des fehlerhaften Pakets: iw3mp.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: iw3mp.exe5
Error: (11/15/2014 04:51:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iw3mp.exe, Version: 0.0.0.0, Zeitstempel: 0x47043f08
Name des fehlerhaften Moduls: iw3mp.exe, Version: 0.0.0.0, Zeitstempel: 0x47043f08
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00276555
ID des fehlerhaften Prozesses: 0xa30
Startzeit der fehlerhaften Anwendung: 0xiw3mp.exe0
Pfad der fehlerhaften Anwendung: iw3mp.exe1
Pfad des fehlerhaften Moduls: iw3mp.exe2
Berichtskennung: iw3mp.exe3
Vollständiger Name des fehlerhaften Pakets: iw3mp.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: iw3mp.exe5
Error: (11/15/2014 04:48:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iw3mp.exe, Version: 0.0.0.0, Zeitstempel: 0x47043f08
Name des fehlerhaften Moduls: iw3mp.exe, Version: 0.0.0.0, Zeitstempel: 0x47043f08
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00276555
ID des fehlerhaften Prozesses: 0x8a4
Startzeit der fehlerhaften Anwendung: 0xiw3mp.exe0
Pfad der fehlerhaften Anwendung: iw3mp.exe1
Pfad des fehlerhaften Moduls: iw3mp.exe2
Berichtskennung: iw3mp.exe3
Vollständiger Name des fehlerhaften Pakets: iw3mp.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: iw3mp.exe5
Error: (11/15/2014 04:46:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iw3mp.exe, Version: 0.0.0.0, Zeitstempel: 0x47043f08
Name des fehlerhaften Moduls: iw3mp.exe, Version: 0.0.0.0, Zeitstempel: 0x47043f08
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00276555
ID des fehlerhaften Prozesses: 0x14d4
Startzeit der fehlerhaften Anwendung: 0xiw3mp.exe0
Pfad der fehlerhaften Anwendung: iw3mp.exe1
Pfad des fehlerhaften Moduls: iw3mp.exe2
Berichtskennung: iw3mp.exe3
Vollständiger Name des fehlerhaften Pakets: iw3mp.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: iw3mp.exe5
Error: (11/15/2014 04:29:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sftservice.exe, Version: 3.0.0.31, Zeitstempel: 0x53f4619d
Name des fehlerhaften Moduls: SDSSmartRepairTools.dll, Version: 1.0.2.20, Zeitstempel: 0x502356ac
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x00067593
ID des fehlerhaften Prozesses: 0x4fc
Startzeit der fehlerhaften Anwendung: 0xsftservice.exe0
Pfad der fehlerhaften Anwendung: sftservice.exe1
Pfad des fehlerhaften Moduls: sftservice.exe2
Berichtskennung: sftservice.exe3
Vollständiger Name des fehlerhaften Pakets: sftservice.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: sftservice.exe5
Error: (11/15/2014 04:27:38 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
System errors:
=============
Error: (11/18/2014 00:11:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (11/18/2014 07:29:34 AM) (Source: DCOM) (EventID: 10010) (User: FELIXTHURMPC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (11/18/2014 07:29:04 AM) (Source: DCOM) (EventID: 10010) (User: FELIXTHURMPC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (11/17/2014 09:39:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (11/17/2014 09:20:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (11/17/2014 05:25:07 PM) (Source: DCOM) (EventID: 10016) (User: FELIXTHURMPC)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}FelixThurmPCfelix_000S-1-5-21-26897021-869315037-3891993983-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (11/17/2014 05:25:05 PM) (Source: DCOM) (EventID: 10016) (User: FELIXTHURMPC)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}FelixThurmPCfelix_000S-1-5-21-26897021-869315037-3891993983-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (11/17/2014 05:25:05 PM) (Source: DCOM) (EventID: 10016) (User: FELIXTHURMPC)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}FelixThurmPCfelix_000S-1-5-21-26897021-869315037-3891993983-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (11/17/2014 05:25:04 PM) (Source: DCOM) (EventID: 10016) (User: FELIXTHURMPC)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}FelixThurmPCfelix_000S-1-5-21-26897021-869315037-3891993983-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (11/17/2014 05:25:04 PM) (Source: DCOM) (EventID: 10016) (User: FELIXTHURMPC)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}FelixThurmPCfelix_000S-1-5-21-26897021-869315037-3891993983-1001LocalHost (Using LRPC)UnavailableUnavailable
Microsoft Office Sessions:
=========================
Error: (11/18/2014 07:31:35 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files (x86)\word auto backup\adxloader.dll.Manifestc:\program files (x86)\word auto backup\adxloader.dll.Manifest2
Error: (11/18/2014 07:30:24 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files (x86)\word auto backup\adxloader.dll.Manifestc:\program files (x86)\word auto backup\adxloader.dll.Manifest2
Error: (11/15/2014 07:16:30 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files (x86)\word auto backup\adxloader.dll.Manifestc:\program files (x86)\word auto backup\adxloader.dll.Manifest2
Error: (11/15/2014 04:53:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iw3mp.exe0.0.0.047043f08iw3mp.exe0.0.0.047043f08c00000050027655516e401d000ec54024328C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exeC:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe96a38c97-6cdf-11e4-826c-0071cc7e8d32
Error: (11/15/2014 04:51:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iw3mp.exe0.0.0.047043f08iw3mp.exe0.0.0.047043f08c00000050027655557401d000ec1114ce55C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exeC:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe51153033-6cdf-11e4-826c-0071cc7e8d32
Error: (11/15/2014 04:51:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iw3mp.exe0.0.0.047043f08iw3mp.exe0.0.0.047043f08c000000500276555a3001d000ebf4d2096cC:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exeC:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe36a60213-6cdf-11e4-826c-0071cc7e8d32
Error: (11/15/2014 04:48:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iw3mp.exe0.0.0.047043f08iw3mp.exe0.0.0.047043f08c0000005002765558a401d000eb8f6250e1C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exeC:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exed24f64ad-6cde-11e4-826b-0071cc7e8d32
Error: (11/15/2014 04:46:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iw3mp.exe0.0.0.047043f08iw3mp.exe0.0.0.047043f08c00000050027655514d401d000eb4a23db1aC:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exeC:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe89bf2515-6cde-11e4-826b-0071cc7e8d32
Error: (11/15/2014 04:29:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: sftservice.exe3.0.0.3153f4619dSDSSmartRepairTools.dll1.0.2.20502356acc00001a5000675934fc01d000e8f6d65f4fC:\Program Files (x86)\Dell Backup and Recovery\sftservice.exeC:\Program Files (x86)\Dell Backup and Recovery\SDSSmartRepairTools.dll34f55ae4-6cdc-11e4-826b-0071cc7e8d32
Error: (11/15/2014 04:27:38 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
CodeIntegrity Errors:
===================================
Date: 2014-11-13 13:55:16.323
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-11-13 13:55:16.198
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-11-13 13:55:15.886
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-11-13 13:55:15.761
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-11-13 13:55:15.526
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-11-13 13:55:15.386
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-11-13 13:55:15.151
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-11-13 13:55:15.026
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-11-13 13:55:14.792
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-11-13 13:55:14.667
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 37%
Total physical RAM: 8142.95 MB
Available physical RAM: 5068.86 MB
Total Pagefile: 9422.95 MB
Available Pagefile: 5241.22 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:464.63 GB) (Free:373.82 GB) NTFS
Drive d: (Daten) (Fixed) (Total:451.17 GB) (Free:402.87 GB) NTFS
Drive f: (Elements) (Fixed) (Total:930.98 GB) (Free:707.59 GB) NTFS
Drive g: (COD4MW) (CDROM) (Total:6.35 GB) (Free:0 GB) UDF
Drive h: (ESP) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32
Drive i: (DBR_BOOT) (Fixed) (Total:0.49 GB) (Free:0.47 GB) FAT32
Drive x: (WINRETOOLS) (Fixed) (Total:2 GB) (Free:1.5 GB) NTFS
Drive y: (PBR Image) (Fixed) (Total:13.06 GB) (Free:0.69 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4B3FAE42)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 27CFB42D)
Partition 1: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=510 MB) - (Type=0C)
==================== End Of Log ============================
Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 12:31 on 18/11/2014 (felix_000)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Grüße, KingPinXXX |
Baum-Darstellung