| |
| |||||||
Antiviren-, Firewall- und andere Schutzprogramme: Kaspersky 15 installertion kann nicht durchgeführt werden wg. "Basefiltering engine nicht vorhanden"Windows 7 Sämtliche Fragen zur Bedienung von Firewalls, Anti-Viren Programmen, Anti Malware und Anti Trojaner Software sind hier richtig. Dies ist ein Diskussionsforum für Sicherheitslösungen für Windows Rechner. Benötigst du Hilfe beim Trojaner entfernen oder weil du dir einen Virus eingefangen hast, erstelle ein Thema in den oberen Bereinigungsforen. |
 |
29.01.2015, 13:57
| #16 |
 |  Kaspersky 15 installertion kann nicht durchgeführt werden wg. "Basefiltering engine nicht vorhanden" Okay, danke! hier der FRST. FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by Tassilo Welsch (administrator) on TASSILOWELSCH on 29-01-2015 08:24:10
Running from C:\Users\Tassilo Welsch\Pictures\Downloads
Loaded Profiles: Tassilo Welsch (Available profiles: Tassilo Welsch & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Program Files\ASUS\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5abarsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
() C:\Program Files (x86)\watchmi\TvdService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Marvell Semiconductor, Inc.) C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
() C:\Users\Tassilo Welsch\AppData\Local\Amazon Music\Amazon Music Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Broadcom Corporation.) C:\Program Files\ASUS\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VER_COMPANY_NAME) C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5abrmon.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Neuber Software) C:\Program Files (x86)\Visual TimeAnalyzer\tbaction.exe
() C:\Program Files (x86)\watchmi\TvdTray.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\tv_x64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\ASUS\Bluetooth Software\BTStackServer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11821160 2011-05-09] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2780776 2011-07-19] (CANON INC.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [PrnStatusMX] => C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe [1240064 2012-07-04] (Marvell Semiconductor, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-03] (CyberLink)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [MyWebFace Search Scope Monitor] => C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5aSrchMn.exe [42552 2012-05-03] (MindSpark)
HKLM-x32\...\Run: [MyWebFace_5a Browser Plugin Loader] => C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5abrmon.exe [30096 2012-05-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [TBAction] => C:\Program Files (x86)\Visual TimeAnalyzer\tbaction.exe [129408 2011-10-13] (Neuber Software)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1637496 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [439440 2011-09-27] (CANON INC.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-10-23] (Power Software Ltd)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49152 2005-02-16] (Hewlett-Packard Co.)
HKU\S-1-5-21-3110529466-1759550328-638498961-1002\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-12-24] (Google Inc.)
HKU\S-1-5-21-3110529466-1759550328-638498961-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1942720 2015-01-23] (Valve Corporation)
HKU\S-1-5-21-3110529466-1759550328-638498961-1002\...\Run: [Facebook Update] => C:\Users\Tassilo Welsch\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)
HKU\S-1-5-21-3110529466-1759550328-638498961-1002\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-3110529466-1759550328-638498961-1002\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
HKU\S-1-5-21-3110529466-1759550328-638498961-1002\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [1238528 2014-04-28] (RemoteMouse.net)
HKU\S-1-5-21-3110529466-1759550328-638498961-1002\...\Run: [Amazon Music] => C:\Users\Tassilo Welsch\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-06] ()
HKU\S-1-5-21-3110529466-1759550328-638498961-1002\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-3110529466-1759550328-638498961-1002\...\MountPoints2: {d372014c-2e9e-11e1-9239-806e6f6e6963} - E:\autorun.exe
Lsa: [Notification Packages] scecli C:\Program Files\ASUS\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ASUS\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\watchmi tray.lnk
ShortcutTarget: watchmi tray.lnk -> C:\Windows\Installer\{AA4D1C5E-116A-4FF4-AA91-28F526868203}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe (Acresso Software Inc.)
Startup: C:\Users\Tassilo Welsch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GM_DevUpdate.lnk
ShortcutTarget: GM_DevUpdate.lnk -> C:\Program Files (x86)\Hama PC-Vibra joystick Outlandish\GM_DevUpdate.exe ()
Startup: C:\Users\Tassilo Welsch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OMSI Addon Manager.lnk
ShortcutTarget: OMSI Addon Manager.lnk -> C:\Program Files (x86)\OMSI Addon Manager\OMSI Addon Manager.exe (Jan Kiesewalter)
Startup: C:\Users\Tassilo Welsch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Tassilo Welsch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Versandhelfer.lnk
ShortcutTarget: Versandhelfer.lnk -> C:\Program Files (x86)\Versandhelfer\Versandhelfer.exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1402989453&from=smt&uid=ST2000DL003-9VT166_5YD62BQ2XXXX5YD62BQ2
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1402989453&from=smt&uid=ST2000DL003-9VT166_5YD62BQ2XXXX5YD62BQ2
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1402989453&from=smt&uid=ST2000DL003-9VT166_5YD62BQ2XXXX5YD62BQ2&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1402989453&from=smt&uid=ST2000DL003-9VT166_5YD62BQ2XXXX5YD62BQ2
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1402989453&from=smt&uid=ST2000DL003-9VT166_5YD62BQ2XXXX5YD62BQ2
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1402989453&from=smt&uid=ST2000DL003-9VT166_5YD62BQ2XXXX5YD62BQ2&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3110529466-1759550328-638498961-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
HKU\S-1-5-21-3110529466-1759550328-638498961-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1402989453&from=smt&uid=ST2000DL003-9VT166_5YD62BQ2XXXX5YD62BQ2
HKU\S-1-5-21-3110529466-1759550328-638498961-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1402989453&from=smt&uid=ST2000DL003-9VT166_5YD62BQ2XXXX5YD62BQ2
HKU\S-1-5-21-3110529466-1759550328-638498961-1002\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKU\S-1-5-21-3110529466-1759550328-638498961-1002\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
HKU\S-1-5-21-3110529466-1759550328-638498961-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
HKU\S-1-5-21-3110529466-1759550328-638498961-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q=
URLSearchHook: [S-1-5-21-3110529466-1759550328-638498961-1002] ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKU\S-1-5-21-3110529466-1759550328-638498961-1002 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-3110529466-1759550328-638498961-1002 - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKU\S-1-5-21-3110529466-1759550328-638498961-1002 - (No Name) - {8040829d-1177-46e2-9157-8282438b79c7} - C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5aSrcAs.dll (MindSpark)
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1402989453&from=smt&uid=ST2000DL003-9VT166_5YD62BQ2XXXX5YD62BQ2&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1402989453&from=smt&uid=ST2000DL003-9VT166_5YD62BQ2XXXX5YD62BQ2&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1402989453&from=smt&uid=ST2000DL003-9VT166_5YD62BQ2XXXX5YD62BQ2&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1402989453&from=smt&uid=ST2000DL003-9VT166_5YD62BQ2XXXX5YD62BQ2&q={searchTerms}
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2938&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3110529466-1759550328-638498961-1002 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1402989453&from=smt&uid=ST2000DL003-9VT166_5YD62BQ2XXXX5YD62BQ2&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3110529466-1759550328-638498961-1002 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
BHO: YoutubeAdBlocke -> {248f4204-2191-4da5-9b39-fe423fa91190} -> No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: GoSave -> {70dd8865-52b4-414c-98eb-541d6849aa79} -> No File
BHO: CHIP Best Deal BHO -> {7553EA3C-F8DA-4188-B7BC-956894EA54F5} -> C:\Program Files (x86)\chip\Internet Explorer\chip64.dll ()
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Search Assistant BHO -> {14d02517-c8be-4735-a344-3c8366c77aa0} -> C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5aSrcAs.dll (MindSpark)
BHO-x32: YoutubeAdBlocke -> {248f4204-2191-4da5-9b39-fe423fa91190} -> C:\Program Files (x86)\YoutubeAdBlocke\lP7ydD35mH4PJE.dll ()
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: GoSave -> {70dd8865-52b4-414c-98eb-541d6849aa79} -> C:\Program Files (x86)\GoSave\ROAy7km9qnEVBh.dll ()
BHO-x32: CHIP Best Deal BHO -> {7553EA3C-F8DA-4188-B7BC-956894EA54F5} -> C:\Program Files (x86)\chip\Internet Explorer\chip32.dll ()
BHO-x32: DownTango Launcher -> {8d3ec233-b92d-4187-a506-284127cfba2d} -> C:\Users\Tassilo Welsch\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll (Simplytech Ltd.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Toolbar BHO -> {b1df253a-9e7a-480d-b6a5-7a435b520dbb} -> C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5abar.dll (MindSpark)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: DownTango Launcher -> {b52d0735-ec19-448a-abde-e01b5bd275d2} -> C:\Users\Tassilo Welsch\AppData\Roaming\DownTangoLauncherToolbar\DownTangoLauncherToolbar.dll (Simplytech Ltd.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ICQ Sparberater -> {EC136321-1AE5-4A7F-B01C-5380D666175B} -> C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKLM-x32 - MyWebFace - {af94b35c-3ac5-4030-9f9c-15fb4e3dc339} - C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5abar.dll (MindSpark)
Toolbar: HKLM-x32 - DownTango Launcher - {b52d0735-ec19-448a-abde-e01b5bd275d2} - C:\Users\Tassilo Welsch\AppData\Roaming\DownTangoLauncherToolbar\DownTangoLauncherToolbar.dll (Simplytech Ltd.)
Toolbar: HKLM-x32 - DownTango Launcher - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Tassilo Welsch\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll (Simplytech Ltd.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3110529466-1759550328-638498961-1002 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Tassilo Welsch\AppData\Roaming\Mozilla\Profiles\dcc8za0g.Standard-Benutzer
FF SelectedSearchEngine: Google
FF Homepage: https://www.facebook.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @MyWebFace_5a.com/Plugin -> C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\NP5aStub.dll (MindSpark)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3110529466-1759550328-638498961-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tassilo Welsch\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3110529466-1759550328-638498961-1002: facebook.com/fbDesktopPlugin -> C:\Users\Tassilo Welsch\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin HKU\S-1-5-21-3110529466-1759550328-638498961-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Oracle Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPSibelius.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\PDFNetC.dll (PDFTron Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchPDFWrapper.dll ()
FF SearchPlugin: C:\Users\Tassilo Welsch\AppData\Roaming\Mozilla\Profiles\dcc8za0g.Standard-Benutzer\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Tassilo Welsch\AppData\Roaming\Mozilla\Profiles\dcc8za0g.Standard-Benutzer\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Tassilo Welsch\AppData\Roaming\Mozilla\Profiles\dcc8za0g.Standard-Benutzer\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Tassilo Welsch\AppData\Roaming\Mozilla\Profiles\dcc8za0g.Standard-Benutzer\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Tassilo Welsch\AppData\Roaming\Mozilla\Profiles\dcc8za0g.Standard-Benutzer\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml
FF Extension: Quick Start - C:\Users\Tassilo Welsch\AppData\Roaming\Mozilla\Profiles\dcc8za0g.Standard-Benutzer\Extensions\quick_start@gmail.com [2014-06-17]
FF Extension: WEB.DE MailCheck - C:\Users\Tassilo Welsch\AppData\Roaming\Mozilla\Profiles\dcc8za0g.Standard-Benutzer\Extensions\toolbar@web.de [2014-12-17]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [5affxtbr@MyWebFace_5a.com] - C:\Program Files (x86)\MyWebFace_5a\bar\1.bin
FF Extension: MyWebFace - C:\Program Files (x86)\MyWebFace_5a\bar\1.bin [2012-05-03]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Tassilo Welsch\AppData\Roaming\Mozilla\Profiles\dcc8za0g.Standard-Benutzer\extensions\quick_start@gmail.com
FF HKU\S-1-5-21-3110529466-1759550328-638498961-1002\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-18]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 Accelerometer; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S2 Accelerometer; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 btwdins; C:\Program Files\ASUS\Bluetooth Software\btwdins.exe [1005944 2012-12-06] (Broadcom Corporation.)
R2 ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [247872 2011-08-17] ()
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2011-09-06] ()
R2 MyWebFace_5aService; C:\Program Files (x86)\MyWebFace_5a\bar\1.bin\5abarsvc.exe [42528 2012-05-03] (COMPANYVERS_NAME)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] () [File not signed]
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [977088 2014-03-02] () [File not signed]
R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [62464 2010-12-06] () [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-06-06] ()
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [165688 2012-09-24] (Broadcom Corporation.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-12-30] () [File not signed]
U3 GMFilter; C:\Windows\SysWOW64\Drivers\GMFilter.sys [21760 2005-08-23] () [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-06-06] ()
S0 nvpciflt; system32\DRIVERS\nvpciflt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
NETSVC: Accelerometer -> No ServiceDLL Path.
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-29 08:23 - 2015-01-29 08:24 - 00000000 ____D () C:\FRST
2015-01-28 18:43 - 2015-01-28 18:43 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
2015-01-28 15:34 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-28 15:34 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-28 15:34 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-28 15:34 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-28 15:34 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-28 15:34 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-28 15:34 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-28 15:34 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-28 15:34 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-28 15:34 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-28 15:34 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-28 15:34 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-28 15:34 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-24 08:40 - 2015-01-24 08:40 - 00000000 ____D () C:\Users\Tassilo Welsch\AppData\Local\{5B0E114A-9DF0-45D4-BCF3-BAAC8EF0CED5}
2015-01-23 14:19 - 2015-01-23 14:19 - 00000000 ____D () C:\Users\Tassilo Welsch\AppData\Local\{80093045-D797-4EA6-9E65-A336329CBFA9}
2015-01-20 12:10 - 2015-01-20 12:16 - 00000000 ____D () C:\Users\Tassilo Welsch\Documents\Leitz vorlagen
2015-01-18 20:11 - 2015-01-19 17:20 - 00000000 ____D () C:\Users\Tassilo Welsch\AppData\Local\Spotify
2015-01-18 20:10 - 2015-01-28 15:08 - 00000000 ____D () C:\Users\Tassilo Welsch\AppData\Roaming\Spotify
2015-01-15 09:28 - 2015-01-27 16:44 - 00000000 ____D () C:\Users\Tassilo Welsch\Documents\Online Banking
2015-01-14 22:50 - 2015-01-28 15:08 - 00000000 ____D () C:\99b715753655f64069c8
2015-01-10 14:35 - 2015-01-10 22:00 - 00000000 ____D () C:\Users\Tassilo Welsch\Desktop\Blasmusik Timi
2015-01-10 14:32 - 2015-01-28 15:09 - 00000000 ____D () C:\Users\Tassilo Welsch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2015-01-06 19:34 - 2015-01-06 19:34 - 00000221 _____ () C:\Users\Tassilo Welsch\Desktop\Train Simulator 2015.url
2015-01-06 15:56 - 2015-01-06 15:56 - 00001536 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2015-01-06 15:56 - 2015-01-06 15:56 - 00001245 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-29 08:23 - 2011-12-24 19:49 - 02094109 _____ () C:\Windows\WindowsUpdate.log
2015-01-29 08:21 - 2012-03-04 19:15 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-29 08:18 - 2011-12-24 19:52 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-29 08:18 - 2011-09-05 23:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-29 08:18 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-29 08:18 - 2009-07-14 05:51 - 00222212 _____ () C:\Windows\setupact.log
2015-01-28 18:46 - 2009-07-14 05:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-28 18:46 - 2009-07-14 05:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-28 18:41 - 2012-04-12 15:18 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-28 18:39 - 2012-04-12 15:18 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-28 18:39 - 2012-04-12 15:18 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-28 18:39 - 2011-08-10 20:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-28 18:32 - 2011-12-24 19:52 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-28 18:23 - 2013-05-18 20:51 - 01756160 ___SH () C:\Users\Tassilo Welsch\Desktop\Thumbs.db
2015-01-28 18:14 - 2012-04-24 13:56 - 00000344 _____ () C:\Windows\Tasks\At19.job
2015-01-28 18:00 - 2012-04-24 13:56 - 00000346 _____ () C:\Windows\Tasks\At43.job
2015-01-28 17:47 - 2012-04-11 22:05 - 00001174 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3110529466-1759550328-638498961-1002UA.job
2015-01-28 17:42 - 2012-04-24 13:56 - 00000344 _____ () C:\Windows\Tasks\At17.job
2015-01-28 17:40 - 2010-11-21 04:47 - 00215556 _____ () C:\Windows\PFRO.log
2015-01-28 16:10 - 2013-08-15 22:28 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-28 16:09 - 2011-07-18 21:31 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-28 16:00 - 2012-04-24 13:56 - 00000346 _____ () C:\Windows\Tasks\At41.job
2015-01-28 15:11 - 2012-04-24 13:56 - 00000344 _____ () C:\Windows\Tasks\At23.job
2015-01-28 15:09 - 2014-11-10 18:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-28 15:09 - 2012-02-28 13:57 - 00000000 ____D () C:\Windows\system32\Macromed
2015-01-28 15:09 - 2012-01-08 20:43 - 00000000 ____D () C:\Users\Tassilo Welsch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-01-28 15:09 - 2011-12-24 22:40 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-01-28 15:09 - 2011-12-24 19:56 - 00000000 ____D () C:\Users\Tassilo Welsch
2015-01-28 15:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-01-28 15:07 - 2012-01-08 20:51 - 00000000 ___RD () C:\Users\Tassilo Welsch\Dropbox
2015-01-28 15:07 - 2012-01-08 20:43 - 00000000 ____D () C:\Users\Tassilo Welsch\AppData\Roaming\Dropbox
2015-01-19 23:30 - 2014-09-29 10:33 - 00000000 ____D () C:\Users\Tassilo Welsch\Documents\Studium
2015-01-14 22:00 - 2012-04-24 13:56 - 00000346 _____ () C:\Windows\Tasks\At47.job
2015-01-14 21:03 - 2012-04-24 13:56 - 00000344 _____ () C:\Windows\Tasks\At24.job
2015-01-14 21:03 - 2012-04-24 13:56 - 00000344 _____ () C:\Windows\Tasks\At22.job
2015-01-14 21:03 - 2012-04-24 13:56 - 00000344 _____ () C:\Windows\Tasks\At21.job
2015-01-14 21:03 - 2012-04-24 13:56 - 00000344 _____ () C:\Windows\Tasks\At20.job
2015-01-14 21:03 - 2012-04-24 13:56 - 00000344 _____ () C:\Windows\Tasks\At18.job
2015-01-14 21:03 - 2012-04-24 13:56 - 00000344 _____ () C:\Windows\Tasks\At16.job
2015-01-14 21:03 - 2012-04-24 13:56 - 00000344 _____ () C:\Windows\Tasks\At15.job
2015-01-14 21:03 - 2012-04-24 13:56 - 00000344 _____ () C:\Windows\Tasks\At14.job
2015-01-13 23:25 - 2012-04-24 13:56 - 00000346 _____ () C:\Windows\Tasks\At48.job
2015-01-13 23:25 - 2012-04-24 13:56 - 00000346 _____ () C:\Windows\Tasks\At46.job
2015-01-13 20:00 - 2012-04-24 13:56 - 00000346 _____ () C:\Windows\Tasks\At45.job
2015-01-13 19:31 - 2012-04-24 13:56 - 00000346 _____ () C:\Windows\Tasks\At44.job
2015-01-13 17:00 - 2012-04-24 13:56 - 00000346 _____ () C:\Windows\Tasks\At42.job
2015-01-13 15:00 - 2012-04-24 13:56 - 00000346 _____ () C:\Windows\Tasks\At40.job
2015-01-13 14:00 - 2012-04-24 13:56 - 00000346 _____ () C:\Windows\Tasks\At39.job
2015-01-13 13:00 - 2012-04-24 13:56 - 00000346 _____ () C:\Windows\Tasks\At38.job
2015-01-13 12:39 - 2012-04-24 13:56 - 00000344 _____ () C:\Windows\Tasks\At1.job
2015-01-13 00:27 - 2012-04-24 13:56 - 00000346 _____ () C:\Windows\Tasks\At25.job
2015-01-13 00:27 - 2012-04-11 22:05 - 00001152 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3110529466-1759550328-638498961-1002Core.job
2015-01-12 16:59 - 2012-04-24 13:56 - 00000344 _____ () C:\Windows\Tasks\At11.job
2015-01-12 10:01 - 2011-05-16 15:04 - 00710046 _____ () C:\Windows\system32\perfh007.dat
2015-01-12 10:01 - 2011-05-16 15:04 - 00154482 _____ () C:\Windows\system32\perfc007.dat
2015-01-12 10:01 - 2009-07-14 06:13 - 01649664 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-12 10:00 - 2012-04-24 13:56 - 00000346 _____ () C:\Windows\Tasks\At35.job
2015-01-12 09:41 - 2012-05-13 21:53 - 00000000 ____D () C:\Users\Tassilo Welsch\Documents\Orchestren-Bands
2015-01-10 13:00 - 2012-04-24 13:56 - 00000344 _____ () C:\Windows\Tasks\At2.job
2015-01-09 01:00 - 2012-04-24 13:56 - 00000346 _____ () C:\Windows\Tasks\At26.job
2015-01-06 15:56 - 2014-11-18 23:16 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-01-06 15:56 - 2014-11-18 23:15 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-01-06 15:56 - 2014-08-11 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-01-06 15:56 - 2012-06-25 22:01 - 00000000 ____D () C:\Users\Tassilo Welsch\AppData\Roaming\DVDVideoSoft
2015-01-01 16:03 - 2013-01-07 19:25 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-01-01 14:11 - 2012-04-24 13:56 - 00000344 _____ () C:\Windows\Tasks\At13.job
2014-12-31 12:00 - 2012-04-24 13:56 - 00000346 _____ () C:\Windows\Tasks\At37.job
==================== Files in the root of some directories =======
2012-10-05 19:23 - 2012-10-05 19:23 - 0000604 ____H () C:\Program Files (x86)\_Z2
2012-04-24 13:45 - 2012-04-24 13:45 - 0000000 _____ () C:\Users\Tassilo Welsch\AppData\Roaming\domRK.txt
2012-02-12 16:11 - 2013-02-25 00:38 - 0005120 _____ () C:\Users\Tassilo Welsch\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-01 21:07 - 2014-12-02 16:58 - 0000058 _____ () C:\Users\Tassilo Welsch\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2013-06-09 19:32 - 2013-06-09 19:32 - 0000102 _____ () C:\Users\Tassilo Welsch\AppData\Local\fusioncache.dat
2012-06-02 20:27 - 2012-06-02 20:27 - 0000218 _____ () C:\Users\Tassilo Welsch\AppData\Local\recently-used.xbel
2012-01-04 12:04 - 2013-03-26 21:55 - 0007605 _____ () C:\Users\Tassilo Welsch\AppData\Local\Resmon.ResmonCfg
Files to move or delete:
====================
C:\Users\Tassilo Welsch\SkiRegionSimulator2012Patch1.0.1DE.exe
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At10.job
C:\Windows\Tasks\At11.job
C:\Windows\Tasks\At12.job
C:\Windows\Tasks\At13.job
C:\Windows\Tasks\At14.job
C:\Windows\Tasks\At15.job
C:\Windows\Tasks\At16.job
C:\Windows\Tasks\At17.job
C:\Windows\Tasks\At18.job
C:\Windows\Tasks\At19.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At20.job
C:\Windows\Tasks\At21.job
C:\Windows\Tasks\At22.job
C:\Windows\Tasks\At23.job
C:\Windows\Tasks\At24.job
C:\Windows\Tasks\At25.job
C:\Windows\Tasks\At26.job
C:\Windows\Tasks\At27.job
C:\Windows\Tasks\At28.job
C:\Windows\Tasks\At29.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At30.job
C:\Windows\Tasks\At31.job
C:\Windows\Tasks\At32.job
C:\Windows\Tasks\At33.job
C:\Windows\Tasks\At34.job
C:\Windows\Tasks\At35.job
C:\Windows\Tasks\At36.job
C:\Windows\Tasks\At37.job
C:\Windows\Tasks\At38.job
C:\Windows\Tasks\At39.job
C:\Windows\Tasks\At4.job
C:\Windows\Tasks\At40.job
C:\Windows\Tasks\At41.job
C:\Windows\Tasks\At42.job
C:\Windows\Tasks\At43.job
C:\Windows\Tasks\At44.job
C:\Windows\Tasks\At45.job
C:\Windows\Tasks\At46.job
C:\Windows\Tasks\At47.job
C:\Windows\Tasks\At48.job
C:\Windows\Tasks\At5.job
C:\Windows\Tasks\At6.job
C:\Windows\Tasks\At7.job
C:\Windows\Tasks\At8.job
C:\Windows\Tasks\At9.job
Some content of TEMP:
====================
C:\Users\Tassilo Welsch\AppData\Local\Temp\0EKePdkNuE.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\0TxSPhNfJA.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\2NvbCmmyuD.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\2ztHtAD2VB.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\5kuexcp2.dll
C:\Users\Tassilo Welsch\AppData\Local\Temp\6gE4nUCDNV.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\7z.dll
C:\Users\Tassilo Welsch\AppData\Local\Temp\7z.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\9cmEyA5mpT.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\amazonicon_v5.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\AskSLib.dll
C:\Users\Tassilo Welsch\AppData\Local\Temp\awAT0mBiDf.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\bassmod.dll
C:\Users\Tassilo Welsch\AppData\Local\Temp\dDgZ9sEjNt.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\dprdhvhm.dll
C:\Users\Tassilo Welsch\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpijwbul.dll
C:\Users\Tassilo Welsch\AppData\Local\Temp\DZThVLV4s7.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\eZxZxhkrIp.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\F49F4235-9291-19B2-CB31-29CB0A709291.dll
C:\Users\Tassilo Welsch\AppData\Local\Temp\F49F4235-9291-19B2-CB31-29CB0A709291.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\FileSystemView.dll
C:\Users\Tassilo Welsch\AppData\Local\Temp\Foxit Updater.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\foxy_security_games.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\FreeYouTubeToMP3Converter.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\gEqk3gGzOo.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\htmlayout.dll
C:\Users\Tassilo Welsch\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\installhelper.dll
C:\Users\Tassilo Welsch\AppData\Local\Temp\install_flashplayer11x32_mssd_au_aih.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\k5rgkNrGdT.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\KrNGIXstjz.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\LIPjQu7WLK.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\luRVyxWyJJ.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\m4pyqTIavy.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\mp3el.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\mq8LeHKlag.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Tassilo Welsch\AppData\Local\Temp\mymugle_update.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\nsj3171.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\nsj4387.tmp.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\nso1EB8.tmp.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\nsr9715.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\nssC4CE.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\nssC9AF.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\nsx9B7A.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\optprosetup.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\ose00000.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\ot2wnash.dll
C:\Users\Tassilo Welsch\AppData\Local\Temp\p2bNZxvwJt.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\pZllcuqCQ4.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\qcCtFZXMpW.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\QjOTvu1MJv.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\RegSvr32User.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\safeguard.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\sdapskill.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\sdaspwn.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\Search_Protect_NonSearch_setup.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\SIntf16.dll
C:\Users\Tassilo Welsch\AppData\Local\Temp\SIntf32.dll
C:\Users\Tassilo Welsch\AppData\Local\Temp\SIntfNT.dll
C:\Users\Tassilo Welsch\AppData\Local\Temp\T2Y2zE9oqQ.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\tmp40D0.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\tmp47.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\tmp5FA7.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\tmpDE73.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\ubi5B4A.tmp.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\uninstall.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\uninstall2140364.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\VzRfXZa788.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\W0qeutVHoH.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\WEB.DE_Softwareaktualisierung_Setup.exe
C:\Users\Tassilo Welsch\AppData\Local\Temp\wusetup.exE
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ====> ZeroAccess. Use DeleteJunctionsIndirectory: C:\Windows\system64
LastRegBack: 2015-01-24 00:55
==================== End Of Log ============================
--- --- --- und der Addition.txt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-01-2015
Ran by Tassilo Welsch at 2015-01-29 08:25:42
Running from C:\Users\Tassilo Welsch\Pictures\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Disabled - Up to date) {56547CC9-C9B2-849D-8FEF-A496150D6A06}
AS: Kaspersky Internet Security (Disabled - Up to date) {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
FW: Kaspersky Internet Security (Disabled) {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
18 Wheels of Steel - Extreme Trucker (entfernen) (HKLM-x32\...\18 Wheels of Steel - Extreme Trucker) (Version: - )
18 WoS Extreme Trucker 2 (HKLM-x32\...\{2070D91D-5C3C-4E9C-BA77-EC0ADE0FE671}) (Version: 1.00.0000 - Valusoft)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Aerosoft's - Aerosoft Launcher (HKLM-x32\...\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}) (Version: 1.1.0.2 - Aerosoft)
Amazon Music (HKU\S-1-5-21-3110529466-1759550328-638498961-1002\...\Amazon Amazon Music) (Version: 3.4.0.628 - Amazon Services LLC)
ANNO 1503 GOLD (HKLM-x32\...\{DB833EF9-A198-49BE-970A-BD46F30BFBB4}) (Version: 1.05.00 - )
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.02 - Sunflowers)
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
ASUS Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.3700 - ASUS)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - )
Avid License Control (HKLM-x32\...\{89A9B9EE-839E-4820-9450-2912C82F46AF}) (Version: 6.0.1 - Avid Technology, Inc.)
Bagger-Simulator 2011 (Demo) (HKLM-x32\...\Bagger-Simulator 2011 (Demo)) (Version: - )
BestPractice (remove only) (HKLM-x32\...\BestPractice) (Version: - )
Bridge Builder 2 Demo (HKLM-x32\...\Bridge Builder 2 Demo) (Version: - (c) 2012 Halycon Media GmbH & Co.KG)
Brothers in Arms: Hell's Highway (HKLM-x32\...\Brothers in Arms - Hell's Highway) (Version: 1.0.0.0 - Ubisoft)
Bus-Simulator 2012 (HKLM-x32\...\Bus-Simulator 2012_is1) (Version: - astragon)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: - )
Canon MP Navigator EX 5.1 (HKLM-x32\...\MP Navigator EX 5.1) (Version: - )
Canon MX430 series Benutzerregistrierung (HKLM-x32\...\Canon MX430 series Benutzerregistrierung) (Version: - )
Canon MX430 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX430_series) (Version: - )
Canon MX430 series On-screen Manual (HKLM-x32\...\Canon MX430 series On-screen Manual) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
capella 7 (HKLM-x32\...\{39E95738-42E2-4B1D-A079-7548359D7B4A}) (Version: 7.1.10 - capella software AG)
capella playAlong 3.0 (HKLM-x32\...\{E53699F2-7E51-4616-A4BF-B5237F17A22F}) (Version: 3.0.38 - capella software)
capella-scan 7.0 (HKLM-x32\...\{59AD5D9B-C4E7-40D0-AA58-C9EF41000795}) (Version: 7.0.20 - capella-software)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version: - Dark Byte)
CHIP Best Deal (HKLM-x32\...\{7553EA3C-F8DA-4188-B7BC-956894EA54F5}) (Version: 1.4.21 - Ciuvo GmbH)
City Bus Simulator 2010 - New York (HKLM-x32\...\{0190000A-A5F5-41EE-9E20-BE784015214C}) (Version: 1.21 - TML-Studios)
City Bus Simulator 2010 - Regiobus Usedom (HKLM-x32\...\{1E24084C-1619-46A3-940A-6A827D3F1404}) (Version: 1.20 - TML-Studios)
ClipMem Advanced (HKLM-x32\...\{E62952D9-52CC-4D65-B112-91DCD22856C5}_is1) (Version: 2.0 beta - Ingo Elsholz)
Construction-Simulator 2015 (HKLM-x32\...\Steam App 289950) (Version: - weltenbauer. Software Entwicklung GmbH)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3418 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1817_38674 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
CyberLink YouPaint (HKLM-x32\...\InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}) (Version: 1.2.1928 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Desktop Icon für Amazon (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 (de) - CHIP.de)
DownTango Launcher (HKLM-x32\...\{cb6d194b-149b-4e28-9b6b-fd0bdaa2aa7c}_is1) (Version: - DownTango Launcher) <==== ATTENTION
DownTango Launcher 1.6 (HKLM-x32\...\{107c7af4-bcdb-4ba2-87d1-3cb1f7190dba}_is1) (Version: 1.6 - DownTango Launcher) <==== ATTENTION
Dropbox (HKU\S-1-5-21-3110529466-1759550328-638498961-1002\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
EarMaster Pro 6.1 (HKLM-x32\...\EarMaster Pro 6_is1) (Version: 6.1 - EarMaster ApS)
Emergency 2012 Demo (HKLM-x32\...\Emergency 2012 Demo) (Version: - Quadriga Games GmbH)
Emergency 2013 (HKLM-x32\...\Emergency 2013) (Version: - Quadriga Games)
Euro Truck Simulator 2 Demo (HKLM-x32\...\Steam App 231120) (Version: - )
Euro Truck Simulator Gold (entfernen) (HKLM-x32\...\Euro Truck Simulator Gold) (Version: - )
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
FBW_549 (HKU\S-1-5-21-3110529466-1759550328-638498961-1002\...\FBW_549) (Version: - )
Finale 2011 Demo (HKLM-x32\...\Finale 2011 Demo) (Version: 2011.b.r2.0 - MakeMusic)
Finale 2012 (HKLM-x32\...\Finale 2012) (Version: 2012.a.r3.10 - MakeMusic)
Finale 2012 Demo (HKLM-x32\...\Finale 2012 Demo) (Version: 2012.a.r5.2 - MakeMusic)
Finale NotePad 2012 (HKLM-x32\...\Finale NotePad 2012) (Version: 2012..r1.1 - MakeMusic)
FlightGear 2.10.0.3 (HKLM\...\FlightGear_is1) (Version: - The FlightGear Team)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 5.4.4.1023 - Foxit Corporation)
Free M4a to MP3 Converter 8.1 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Free YouTube Download version 3.2.49.1111 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.49.1111 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.52.1215 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.52.1215 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GCH Guitar academy (HKLM-x32\...\GCH Guitar academy) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 12.0.742.91 - Google Inc.)
Google Earth (HKLM-x32\...\{528145C0-462A-11E1-B8B4-B8AC6F97B88E}) (Version: 6.2.0.5905 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
GoSave (HKLM-x32\...\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}) (Version: - ) <==== ATTENTION
Grand Theft Auto(TM): San Andreas (HKLM-x32\...\{77B07EA9-570E-472B-8B5A-1C8D5232D328}_is1) (Version: - Rockstar)
Hama PC-Vibra joystick Outlandish (HKLM-x32\...\Hama PC-Vibra joystick Outlandish) (Version: - )
HP Color LaserJet CP1210 Series (HKLM\...\HP Color LaserJet CP1210 Series) (Version: - )
HP Color LaserJet CP1210 Series Toolbox (HKLM\...\{F323676A-B911-4B57-827F-32D02DCD4971}) (Version: 1.0.21 - Hewlett-Packard)
HP Software Update (HKLM-x32\...\{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}) (Version: 3.0.7.014 - Hewlett-Packard)
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Ihr Firmenname)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation)
ICQ Sparberater (HKLM-x32\...\{EC136321-1AE5-4A7F-B01C-5380D666175B}) (Version: 1.3.667 - solute gmbh)
ICQ Toolbar (HKLM-x32\...\ICQToolbar) (Version: 3.0.0 - ICQ)
ICQ7.7 (HKLM-x32\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)
iLivid (HKLM-x32\...\iLivid) (Version: 1.92.0.118480 - Bandoo Media Inc.) <==== ATTENTION
iLivid (x32 Version: 1.92.0.118480 - Bandoo Media Inc.) Hidden <==== ATTENTION
Inkscape 0.48.3.1 (HKLM-x32\...\Inkscape) (Version: 0.48.3.1 - )
Installer (x32 Version: 1.0.0 - Sierra Entertainment, Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
iTunes (HKLM\...\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}) (Version: 10.6.3.25 - Apple Inc.)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Java(TM) 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417000FF}) (Version: 7.0.0 - Oracle)
Java(TM) 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217000FF}) (Version: 7.0.0 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KMSpico v9.2.3 (HKLM\...\KMSpico_is1) (Version: 9.2.3 - )
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2926 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (German) (HKLM-x32\...\{90120000-00D1-0407-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 34.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 de)) (Version: 34.0 - Mozilla)
Mozilla Thunderbird 12.0.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 12.0.1 (x86 de)) (Version: 12.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-3110529466-1759550328-638498961-1002\...\MyFreeCodec) (Version: - )
myMugle (HKLM-x32\...\myMugle3.0.0.0) (Version: 3.0.0.0 - Computer Business Solutions)
MyTomTom 3.1.0.530 (HKLM-x32\...\MyTomTom) (Version: 3.1.0.530 - TomTom)
MyWebFace Toolbar (HKLM-x32\...\MyWebFace_5abar Uninstall) (Version: - Mindspark Interactive Network) <==== ATTENTION
NVIDIA 3D Vision Controller-Treiber 295.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 295.73 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.12.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.12.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0209 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0209 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OMSI - Der Omnibussimulator (HKLM-x32\...\{9AE850A4-B89D-4875-A159-B1B64D717EFB}) (Version: 1.04 - aerosoft)
OMSI - Stadtbus O305 (HKLM-x32\...\{3EF2A817-4ADC-46F7-8441-46DFCE158D72}) (Version: 1.00 - aerosoft)
OMSI 2 (HKLM-x32\...\Steam App 252530) (Version: - MR-Software GbR)
OMSI Addon Manager Version 1.2.4 (HKLM-x32\...\{32B08666-1587-435D-988C-7958A04B218A}_is1) (Version: 1.2.4 - Jan Kiesewalter)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Password Remover v3.1 (HKLM-x32\...\PDF Password Remover v3.1_is1) (Version: - VeryPDF.com Inc)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
Playboy Screensaver (HKLM-x32\...\Playboy Screensaver_is1) (Version: - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Postal 2 Share The Pain Demo (HKLM-x32\...\Postal 2 Share The Pain Demo) (Version: - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.8 - Power Software Ltd)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6368 - Realtek Semiconductor Corp.)
Remote Mouse version 2.54 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.54 - Remote Mouse)
Renault Karosa Citybus 12M (HKLM-x32\...\Renault Karosa Citybus 12M) (Version: - )
Safe Knacker (HKU\S-1-5-21-3110529466-1759550328-638498961-1002\...\Safe Knacker) (Version: - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
San Andreas Mod Installer (HKLM-x32\...\San Andreas Mod Installer1.1) (Version: 1.1 - cpmusick)
SAP Crystal Reports runtime engine for .NET Framework (32-bit) (HKLM-x32\...\{FBAB5DC0-657B-424F-BE58-07DEFF68917C}) (Version: 13.0.5.891 - SAP)
Screenshot Captor 4.03.00 (HKLM-x32\...\ScreenshotCaptor_is1) (Version: - )
SctMedia (HKU\S-1-5-21-3110529466-1759550328-638498961-1002\...\VerCheck) (Version: 5.2.0.0 - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Shape Collage (HKLM-x32\...\ShapeCollage) (Version: - Shape Collage Inc.)
Ship Simulator Extremes (HKLM-x32\...\ShipSimExtremes) (Version: - )
Sibelius 7 OpenType Fonts (HKLM-x32\...\{44998978-7DDB-4AD0-BDF5-D226FBC029FE}) (Version: 7.1.2 - Avid)
Sibelius 7.0.1.45 (HKLM\...\Sibelius 7.0.0.23_is1) (Version: 7.0.1.45 - Avid)
Sibelius Scorch (Firefox, Opera, Netscape only) (HKLM-x32\...\{10ABE49D-343A-463E-9753-C4C5A05ECEF9}) (Version: 6.2.0 - Sibelius Software)
Silent Hunter 4 Wolves of the Pacific (HKLM-x32\...\{0D005F09-A5F4-473B-A901-5735C6AF5628}) (Version: 1.05.0000 - Ubisoft)
Simulationsprogramm Integrierte Leitstelle V4 (HKLM-x32\...\{4B60A7A4-49F6-4D2A-8AE7-BCBAFA6224CE}) (Version: 4.0.14 - BK Elektronik)
Skiregion Simulator 2012 (HKLM-x32\...\SkiRegionSimulator2012DE_is1) (Version: 1.0 - GIANTS Software)
SoftNoteDemo 3.2.0.0 (HKLM-x32\...\{48E35CA4-B3E0-49B3-A950-22A5F060743A}_is1) (Version: 3.2.0.0 - Dieter Klingl)
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SWAT 4 - THE STETCHKOV SYNDICATE (HKLM-x32\...\InstallShield_{97E12F84-C033-4DA2-97D2-F540C3E292EA}) (Version: 1.0.0 - Sierra Entertainment, Inc.)
SWAT 4 (HKLM-x32\...\InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}) (Version: 1.0.31763 - Ihr Firmenname)
SWAT 4 (x32 Version: 1.0.31763 - Ihr Firmenname) Hidden
SWAT 4 Single Player Demo (HKLM-x32\...\InstallShield_{F2CA85EF-D86E-4F4C-99E7-8ED7AA18E7B8}) (Version: 1.10.29930 - Vivendi Universal Games)
SWAT 4 Single Player Demo (x32 Version: 1.10.29930 - Vivendi Universal Games) Hidden
sweet-page uninstaller (HKLM-x32\...\sweet-page uninstaller) (Version: - sweet-page) <==== ATTENTION
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: - NCH Software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.13989 - TeamViewer)
TmUnitedForever (HKLM-x32\...\TmUnitedForever_is1) (Version: - Nadeo)
Tom Clancy's H.A.W.X (HKLM-x32\...\{6E36A172-06FB-4BC8-B7FC-D30D219E6776}) (Version: 1.02.00000 - Ubisoft)
Tom Clancy's H.A.W.X Demo (HKLM-x32\...\{6C596FD6-C378-4399-93F1-43A206759B23}) (Version: 1.00.00000 - Ubisoft)
Tom Clancy's H.A.W.X. 2 (HKLM-x32\...\{76A232AF-B7D6-41A4-B795-6B355E6D32B1}) (Version: 1.0.1 - Ubisoft)
tonica fugata 10.0 (HKLM-x32\...\{AF27FA1B-CD05-48E3-A86A-A0736C7F4170}) (Version: 10.0.3 - capella software)
Train Simulator 2015 (HKLM-x32\...\Steam App 24010) (Version: - RailSimulator.com)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-3110529466-1759550328-638498961-1002\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
Visitenkarten in 2 Minuten (HKLM-x32\...\Visitenkarten in 2 Minuten) (Version: - )
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Visual TimeAnalyzer 1.5 (HKLM-x32\...\Visual TimeAnalyzer) (Version: 1.5 - Neuber Software)
War Thunder Launcher 1.0.1.252 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2013 Gaijin Entertainment Corporation)
watchmi (HKLM-x32\...\{AA4D1C5E-116A-4FF4-AA91-28F526868203}) (Version: 2.5.0 - Axel Springer Digital TV Guide GmbH)
WAV To MP3 V2 (HKLM-x32\...\WAV To MP3_is1) (Version: - hxxp://www.WAVMP3.net)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: - NCH Software)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.1.4.1300 - 1&1 Mail & Media GmbH)
WEB.DE Softwareaktualisierung (HKLM-x32\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 3.0.0.55 - 1&1 Mail & Media GmbH)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Liven asennustyökalu (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WindowsProtectManger20.0.0.401 (HKLM-x32\...\WindowsProtectManger) (Version: 20.0.0.401 - Fuyu LIMITED) <==== ATTENTION
WinRAR 4.10 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
Worms Ultimate Mayhem (HKLM-x32\...\Steam App 70600) (Version: - )
YoutubeAdBlocke (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: - ) <==== ATTENTION
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3110529466-1759550328-638498961-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tassilo Welsch\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3110529466-1759550328-638498961-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tassilo Welsch\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3110529466-1759550328-638498961-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tassilo Welsch\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3110529466-1759550328-638498961-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tassilo Welsch\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3110529466-1759550328-638498961-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tassilo Welsch\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3110529466-1759550328-638498961-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tassilo Welsch\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3110529466-1759550328-638498961-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tassilo Welsch\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3110529466-1759550328-638498961-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tassilo Welsch\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3110529466-1759550328-638498961-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tassilo Welsch\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
06-01-2015 20:09:26 DirectX wurde installiert
14-01-2015 22:49:39 Windows Update
15-01-2015 08:39:32 Windows Update
22-01-2015 18:27:41 Geplanter Prüfpunkt
28-01-2015 15:01:28 Wiederherstellungsvorgang
28-01-2015 16:09:19 Windows Update
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {02025390-5726-4719-A2BB-ACAB192884F7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3110529466-1759550328-638498961-1002Core => C:\Users\Tassilo Welsch\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {0392A79F-8731-47F1-89D2-1AD67A282DE8} - System32\Tasks\At33 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {043FF251-D067-4ADE-AEDD-2AFC847E1D0F} - System32\Tasks\{0AE2D788-F196-46AB-BE15-15A9605BE958} => C:\Program Files (x86)\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe [2008-09-30] ()
Task: {04D46FE5-0D9E-46D2-8798-2666BDCE309D} - System32\Tasks\{1ED58AB2-8029-4E9C-A213-5C7894B1CA35} => pcalua.exe -a C:\m-r-software\Omsi\Omsi.exe -d C:\m-r-software\Omsi -c "-fullscreen"
Task: {05EDD863-B371-4899-A7D7-FA2980942271} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {070666B1-C2E1-4638-A839-CB4E67BC1A3D} - System32\Tasks\At30 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {094F27B0-5A00-45C1-B0FB-ACA578B19A45} - System32\Tasks\At28 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {09F37058-9D92-4327-AA4F-A75CE8A90886} - \At4 No Task File <==== ATTENTION
Task: {0A4D7FF9-ECAF-487A-8D2A-A896AF16CC21} - \At2 No Task File <==== ATTENTION
Task: {0ADB3337-B023-4353-8286-31A63D09D241} - System32\Tasks\{1A3F48C3-253E-4168-BD92-9241CFF2A4D8} => C:\Program Files (x86)\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe [2008-09-30] ()
Task: {10105F39-A419-4A24-8297-65EE512ABE35} - \At7 No Task File <==== ATTENTION
Task: {103D478E-F8CF-49B4-B0F9-A443B0D28D7F} - \At16 No Task File <==== ATTENTION
Task: {10618EBF-F08B-43B3-A332-5D58583E0272} - \At3 No Task File <==== ATTENTION
Task: {15104991-C26D-4167-8394-27B328193225} - System32\Tasks\{25A6C881-AD79-4A85-A0BB-0C6056602419} => C:\Program Files (x86)\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe [2008-09-30] ()
Task: {1AF891CF-6756-47B8-854C-C23DD6BA4C07} - System32\Tasks\{6D819BE8-C6CF-4F28-9AC9-A7E2AE497829} => C:\Program Files (x86)\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe [2008-09-30] ()
Task: {1E1ABE2D-B62E-496D-B537-88EA82AEEC26} - System32\Tasks\Amazon Music Helper => C:\Users\Tassilo Welsch\AppData\Local\Amazon Music\Amazon Music Helper.exe [2014-09-06] ()
Task: {202C9BA6-B730-4F88-B86B-639009CAA25C} - \At5 No Task File <==== ATTENTION
Task: {20C90576-D021-42E2-AEA5-06E029D5A080} - System32\Tasks\{B238AEDF-DE81-4E43-9330-FA6CC0F867A0} => C:\Program Files (x86)\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe [2008-09-30] ()
Task: {21DE7754-DD97-42E8-85C4-B6E80849EE41} - System32\Tasks\At43 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {25D2FB58-7DA6-4ECB-B192-D0776E007565} - System32\Tasks\At37 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {282DED2F-C270-46E1-A61E-B5B5FAADC8F7} - \At10 No Task File <==== ATTENTION
Task: {29725982-F7FC-40B6-A6DB-5DD2674153FD} - System32\Tasks\At39 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {29E822E6-8756-4E4F-A21F-0D033A1C330C} - System32\Tasks\{12F9ACDA-CA6A-431A-B4A4-3E2BC21F2250} => C:\Program Files (x86)\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe [2008-09-30] ()
Task: {355843D3-4F6B-4F67-8244-F64648B2C1E1} - \At20 No Task File <==== ATTENTION
Task: {35944AB0-ADF1-4882-A2D4-AECB50B52975} - System32\Tasks\chipSWU => Cscript.exe "C:\Program Files (x86)\chip\Internet Explorer\swu.vbs"
Task: {364047D3-C5D1-4D24-8FB5-C2DD6DDF481C} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {3919F3D9-18BB-41EC-9826-56296FFAAFF7} - \At15 No Task File <==== ATTENTION
Task: {427D426D-332F-4BF1-8266-BBFAB40E3CF9} - System32\Tasks\At47 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {46788C87-0C37-4FF1-A45A-AFB9A6D61350} - System32\Tasks\{44DCC17B-8C14-4418-BF73-310FB40AC60D} => C:\Program Files (x86)\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe [2008-09-30] ()
Task: {4921EC05-F17D-48C5-920B-3213A9FC0047} - System32\Tasks\{B3B0ECF1-0811-461C-A0E3-B737D0131314} => C:\Program Files (x86)\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe [2008-09-30] ()
Task: {4A76E701-557A-4868-914C-32D9253282CE} - System32\Tasks\{B83F56F7-41C0-4041-B880-6CF52C3F1FA2} => C:\Program Files (x86)\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe [2008-09-30] ()
Task: {4D2D5124-9062-44C9-A917-9C3AE33E6B0E} - System32\Tasks\{750A1C66-B661-4846-92BA-390FEC272DAF} => C:\Program Files (x86)\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe [2008-09-30] ()
Task: {51399FE4-24B9-4C6E-A29D-F4665B7C8048} - \At24 No Task File <==== ATTENTION
Task: {5A814DC2-A635-4AAA-8F45-5C42E8FEE7CB} - \At23 No Task File <==== ATTENTION
Task: {5A8B76CC-D296-4D77-BAE4-1677C8220AAD} - \At17 No Task File <==== ATTENTION
Task: {5E14173A-DEFD-4920-B10C-36ECAFB52B2B} - System32\Tasks\{5B7B4B03-B99E-4BA0-BBD9-2A2EA7E65036} => C:\Program Files (x86)\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe [2008-09-30] ()
Task: {5F3EA573-8819-423E-93DD-2DDC7C4FD56E} - System32\Tasks\{D09E4CC6-A05F-4FFA-8244-6D8FB05E6160} => C:\Users\Tassilo Welsch\AppData\Local\Amazon Cloud Player\Amazon Cloud Player.exe
Task: {5F57D93D-38A2-45F4-A423-9DFAAC6FF869} - System32\Tasks\{243BADA1-A22B-4B16-8043-39F74EDF3C77} => C:\Program Files (x86)\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe [2008-09-30] ()
Task: {6101C5EA-B462-48CD-B035-2C6E9C2A6CA3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {64D5AA50-CDB3-4B3D-A40F-D820B91058F3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {66255517-79A3-4F02-B460-0370432F317D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {694CD5F9-EB16-4C88-B4A3-D783B27AFAFB} - System32\Tasks\At25 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {71BFFC63-B880-4E68-B0ED-E59C069DC13A} - \At1 No Task File <==== ATTENTION
Task: {73584D25-52B4-45A3-9389-9B397670EF03} - System32\Tasks\At34 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {783E54CB-F145-430E-B287-F1C0C24415B1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {79D30614-991C-443A-ABC3-776ABCC330FD} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {7AEB562E-4247-493F-8996-0137D2A2850C} - System32\Tasks\{FCCC9FFA-FC10-4E1B-AE34-78B87BC36E68} => C:\Program Files (x86)\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe [2008-09-30] ()
Task: {838DD098-0C51-47A6-838F-C90C5595BC76} - \At12 No Task File <==== ATTENTION
Task: {843BEDBB-8F37-445A-B324-C9084E182B8B} - \At21 No Task File <==== ATTENTION
Task: {88E3BC65-2F38-494F-9985-D2CD7340369B} - System32\Tasks\At29 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {8938AFA7-F868-4D96-844B-EA1671232A93} - System32\Tasks\{C746D4EC-C1D8-40D3-9DA2-EF0E2328DC71} => C:\Program Files (x86)\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe [2008-09-30] ()
Task: {8A0B9FA0-5173-4285-B3A2-82018DB4A25C} - System32\Tasks\{AC17E5B0-4CF9-498D-9D60-C362574FC48B} => C:\Program Files (x86)\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe [2008-09-30] ()
Task: {8AC517C7-DC43-4CF5-B563-A9DF7913FE5B} - System32\Tasks\At42 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {8D818155-7C81-46C9-9171-E08E6621E1D8} - System32\Tasks\{C43FC5A4-1B2C-4F37-BBBB-D3EEB8947BBD} => C:\Program Files (x86)\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe [2008-09-30] ()
Task: {8E54C98E-8414-459A-B946-73A09C8B510D} - System32\Tasks\At27 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {8EADC75B-DFE7-47F6-9DC7-FE573A4E7C99} - System32\Tasks\At26 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {901009AC-1D16-4FE1-A529-1D466F64ED11} - \At6 No Task File <==== ATTENTION
Task: {9076459D-0AF5-4C56-B1F4-44968B8A8318} - \At8 No Task File <==== ATTENTION
Task: {95EDCB0E-F821-48A7-A0ED-3692B5987C5D} - System32\Tasks\At40 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {9D90C69D-D749-4E94-BA55-C172914A30CE} - System32\Tasks\{E0DD3A53-07DA-4236-A62E-6A42664D024F} => C:\Program Files (x86)\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe [2008-09-30] ()
Task: {9EDFEAE4-8268-4EFE-A4A3-9CCE33D983E6} - \At13 No Task File <==== ATTENTION
Task: {9FEBF923-899C-4C3F-A386-3C92C1D30DB1} - System32\Tasks\At45 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {A2AD11D1-76B0-4B21-AEFA-1056C53E05E1} - System32\Tasks\At31 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {A4628B90-0279-4C00-8FA8-033CE40AA740} - \At14 No Task File <==== ATTENTION
Task: {A80A92C6-9FE6-4096-9D2D-FD595711CC1E} - System32\Tasks\{63F7B680-1B36-4ACF-A86E-59FC74504873} => C:\Program Files (x86)\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe [2008-09-30] ()
Task: {A9B3202A-BE95-4C86-B58E-98971319C3E2} - System32\Tasks\At38 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {ACBDDC4F-97DE-4D0C-9492-713B174EDDDB} - \At11 No Task File <==== ATTENTION
Task: {B318E3F1-F201-4A40-8D42-D70500CBD7A8} - System32\Tasks\At46 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {B8E6A3AC-B431-438B-A7D4-74E6C1D87949} - \At19 No Task File <==== ATTENTION
Task: {BA158446-C7CE-49B8-A1D6-481A8B731D46} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {C6C0B6C4-59B7-487C-8F5E-9E84D2C91A81} - \At9 No Task File <==== ATTENTION
Task: {D0C4DBEE-71BA-4801-92F5-1A3B13B1CC65} - System32\Tasks\At41 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {D4138801-55D3-4902-8FF1-5136EA21594B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3110529466-1759550328-638498961-1002UA => C:\Users\Tassilo Welsch\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {D5CFB42B-2507-4E20-B209-4C10C758D6B8} - System32\Tasks\{1BED51C9-F658-49C5-B86C-D31BF8A961E8} => C:\Program Files (x86)\TML-Studios\World of Subways Vol.2\WoS.exe
Task: {D73D652F-4501-4C47-8AA2-2A6407458CA4} - System32\Tasks\At36 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {D779D6CC-EA9A-4207-AD9E-3BA663E94A72} - System32\Tasks\{15271AA7-DA3A-44C0-BCAE-6CC3CAADDDC0} => C:\Program Files (x86)\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe [2008-09-30] ()
Task: {DA6C0C70-D803-4C93-AB58-D06DEFF453D0} - System32\Tasks\{9BDB2E1A-6737-4103-80BB-A45643C92345} => C:\Program Files (x86)\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe [2008-09-30] ()
Task: {DB7CC111-37BE-488A-B7B6-BA571B8F8D52} - System32\Tasks\{9FD97733-AE8A-4759-8825-39DECB04E12A} => C:\Program Files (x86)\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe [2008-09-30] ()
Task: {DC05C5BA-4C6B-4F6D-9DD2-4BA66249976D} - System32\Tasks\At35 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {DC25BB7C-575E-497E-83D3-C36B298E191E} - System32\Tasks\At48 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {E5BDA5B7-2CF2-46BA-A413-8B643B022B34} - System32\Tasks\At44 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {E891FE67-EE89-4838-AF1A-8060BF2B54EE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-28] (Adobe Systems Incorporated)
Task: {E8DC9438-CB3A-4157-8187-61C6688AF50A} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-03-02] ()
Task: {E9464586-5878-4940-8EC7-741AA781CC31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {F30F424C-468A-4687-A7FB-1A7376E20D2E} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe [2013-06-18] (1&1 Mail & Media GmbH)
Task: {F3324A00-BF44-4504-B517-F21BAE717E2E} - System32\Tasks\{8C1D70BB-D416-4688-AFB9-173239B33133} => C:\Program Files (x86)\TML-Studios\World of Subways Vol.2\WoS.exe
Task: {F3EFE125-337C-4C3D-B5C5-36B5DED0CFB8} - \At18 No Task File <==== ATTENTION
Task: {F8ABD4ED-F635-4DAF-8BD0-6C71B13EC162} - System32\Tasks\At32 => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: {F8D94F39-8AF1-401C-8771-52ADDAA33375} - \At22 No Task File <==== ATTENTION
Task: {FDF6D008-0166-466E-BF7D-48B32299C963} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\At1.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At10.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At11.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At12.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At13.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At14.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At15.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At16.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At17.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At18.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At19.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At2.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At20.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At21.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At22.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At23.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At24.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At25.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At26.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At27.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At28.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At29.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At3.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At30.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At31.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At32.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At33.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At34.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At35.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At36.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At37.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At38.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At39.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At4.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At40.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At41.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At42.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At43.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At44.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At45.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At46.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At47.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At48.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At5.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At6.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At7.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At8.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\At9.job => C:\ProgramData\40543q1E.exe <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3110529466-1759550328-638498961-1002Core.job => C:\Users\Tassilo Welsch\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3110529466-1759550328-638498961-1002UA.job => C:\Users\Tassilo Welsch\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-01-19 21:08 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2012-02-21 21:44 - 2013-01-18 16:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-12-25 21:06 - 2011-08-17 11:04 - 00247872 _____ () C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
2013-01-07 19:36 - 2011-09-06 03:02 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2012-03-23 14:25 - 2012-03-23 14:25 - 00087040 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2010-12-06 12:52 - 2010-12-06 12:52 - 00062464 _____ () C:\Program Files (x86)\watchmi\TvdService.exe
2011-12-24 19:51 - 2011-12-24 19:51 - 00061952 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Remote\2.5.0.5__f722db7bec59a14b\Tvd.Remote.dll
2011-12-24 19:51 - 2011-12-24 19:51 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\FingerPrint\1.0.0.0__a62e68e935d72fa6\FingerPrint.dll
2011-12-24 19:51 - 2011-12-24 19:51 - 00078848 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Reporting\2.5.0.5__f722db7bec59a14b\Tvd.Reporting.dll
2011-12-24 19:51 - 2011-12-24 19:51 - 00148480 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Aprico\2.5.0.5__f722db7bec59a14b\Tvd.Aprico.dll
2014-10-12 13:22 - 2014-09-06 01:54 - 06281536 _____ () C:\Users\Tassilo Welsch\AppData\Local\Amazon Music\Amazon Music Helper.exe
2010-12-06 12:52 - 2010-12-06 12:52 - 01070080 _____ () C:\Program Files (x86)\watchmi\TvdTray.exe
2010-12-06 12:52 - 2010-12-06 12:52 - 00004608 _____ () C:\Program Files (x86)\watchmi\de\TvdTray.resources.dll
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-21 20:25 - 2013-11-19 21:34 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2010-08-03 23:39 - 2010-08-03 23:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-03 23:39 - 2010-08-03 23:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2011-01-17 16:19 - 2012-02-28 21:57 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-11-28 23:49 - 2014-12-02 13:02 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-01-28 18:39 - 2015-01-28 18:39 - 16844976 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll
2014-10-17 11:03 - 2014-10-17 11:03 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll
2011-08-11 21:01 - 2011-04-30 08:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:02B2B479
AlternateDataStreams: C:\ProgramData\Temp:2C14C495
AlternateDataStreams: C:\ProgramData\Temp:40D3D3E8
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\ProgramData\Temp:F1A5FE8B
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-3110529466-1759550328-638498961-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3110529466-1759550328-638498961-1007 - Limited - Enabled)
Gast (S-1-5-21-3110529466-1759550328-638498961-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3110529466-1759550328-638498961-1004 - Limited - Enabled)
Tassilo Welsch (S-1-5-21-3110529466-1759550328-638498961-1002 - Administrator - Enabled) => C:\Users\Tassilo Welsch
UpdatusUser (S-1-5-21-3110529466-1759550328-638498961-1005 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/29/2015 08:20:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Service_KMS.exe, Version: 13.1.0.0, Zeitstempel: 0x5313ef48
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x00000000
Fehleroffset: 0x000007fe957b0368
ID des fehlerhaften Prozesses: 0x98c
Startzeit der fehlerhaften Anwendung: 0xService_KMS.exe0
Pfad der fehlerhaften Anwendung: Service_KMS.exe1
Pfad des fehlerhaften Moduls: Service_KMS.exe2
Berichtskennung: Service_KMS.exe3
Error: (01/28/2015 06:43:44 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
Error: (01/28/2015 06:41:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Service_KMS.exe, Version: 13.1.0.0, Zeitstempel: 0x5313ef48
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x00000000
Fehleroffset: 0x000007fe98d40368
ID des fehlerhaften Prozesses: 0x848
Startzeit der fehlerhaften Anwendung: 0xService_KMS.exe0
Pfad der fehlerhaften Anwendung: Service_KMS.exe1
Pfad des fehlerhaften Moduls: Service_KMS.exe2
Berichtskennung: Service_KMS.exe3
Error: (01/28/2015 05:46:25 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
Error: (01/28/2015 05:43:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Service_KMS.exe, Version: 13.1.0.0, Zeitstempel: 0x5313ef48
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x00000000
Fehleroffset: 0x000007fe988e0368
ID des fehlerhaften Prozesses: 0x6dc
Startzeit der fehlerhaften Anwendung: 0xService_KMS.exe0
Pfad der fehlerhaften Anwendung: Service_KMS.exe1
Pfad des fehlerhaften Moduls: Service_KMS.exe2
Berichtskennung: Service_KMS.exe3
Error: (01/28/2015 03:16:50 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
Error: (01/28/2015 03:14:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sidebar.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7a1c7
Name des fehlerhaften Moduls: gadget.dll, Version: 14.0.0.4764, Zeitstempel: 0x52484648
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000ad07
ID des fehlerhaften Prozesses: 0xe64
Startzeit der fehlerhaften Anwendung: 0xsidebar.exe0
Pfad der fehlerhaften Anwendung: sidebar.exe1
Pfad des fehlerhaften Moduls: sidebar.exe2
Berichtskennung: sidebar.exe3
Error: (01/28/2015 03:13:52 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (01/28/2015 02:40:37 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
Error: (01/28/2015 02:39:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Service_KMS.exe, Version: 13.1.0.0, Zeitstempel: 0x5313ef48
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x00000000
Fehleroffset: 0x000007fe95920368
ID des fehlerhaften Prozesses: 0x984
Startzeit der fehlerhaften Anwendung: 0xService_KMS.exe0
Pfad der fehlerhaften Anwendung: Service_KMS.exe1
Pfad des fehlerhaften Moduls: Service_KMS.exe2
Berichtskennung: Service_KMS.exe3
System errors:
=============
Error: (01/29/2015 08:22:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (01/29/2015 08:22:11 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (01/29/2015 08:20:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Service KMSELDI" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/29/2015 08:18:56 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.
Error: (01/29/2015 08:18:55 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.
Error: (01/29/2015 08:18:51 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.
Error: (01/29/2015 08:18:50 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:
%%1060
Error: (01/29/2015 08:18:47 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.
Error: (01/29/2015 08:18:47 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "M2500" wurde mit folgendem Fehler beendet:
%%2
Error: (01/28/2015 06:51:22 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.
Microsoft Office Sessions:
=========================
Error: (01/29/2015 08:20:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe13.1.0.05313ef48unknown0.0.0.00000000000000000000007fe957b036898c01d03b93d8b5b77aC:\Program Files\KMSpico\Service_KMS.exeunknown3d20c4c7-a787-11e4-8c72-5cf370628b9b
Error: (01/28/2015 06:43:44 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
Error: (01/28/2015 06:41:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe13.1.0.05313ef48unknown0.0.0.00000000000000000000007fe98d4036884801d03b21aa1c323eC:\Program Files\KMSpico\Service_KMS.exeunknownf49d3078-a714-11e4-8b94-5cf370628b9b
Error: (01/28/2015 05:46:25 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
Error: (01/28/2015 05:43:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe13.1.0.05313ef48unknown0.0.0.00000000000000000000007fe988e03686dc01d03b19713b83caC:\Program Files\KMSpico\Service_KMS.exeunknownc51b3c54-a70c-11e4-a54d-5cf370628b9b
Error: (01/28/2015 03:16:50 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
Error: (01/28/2015 03:14:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: sidebar.exe6.1.7601.175144ce7a1c7gadget.dll14.0.0.476452484648c0000005000000000000ad07e6401d03b04a02add80C:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\gadget.dll024a9502-a6f8-11e4-9d61-5cf370628b9b
Error: (01/28/2015 03:13:52 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Tassilo Welsch\Desktop\SoftonicDownloader_for_postal-2.exe
Error: (01/28/2015 02:40:37 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
Error: (01/28/2015 02:39:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe13.1.0.05313ef48unknown0.0.0.00000000000000000000007fe9592036898401d03affb06f4a62C:\Program Files\KMSpico\Service_KMS.exeunknown18b16483-a6f3-11e4-a55b-5cf370628b9b
CodeIntegrity Errors:
===================================
Date: 2015-01-28 15:44:27.380
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-28 15:44:27.380
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-28 15:44:27.317
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-28 15:44:27.317
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-28 15:29:59.345
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-28 15:29:59.329
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-28 15:29:59.220
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-28 15:29:59.158
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 16:47:38.716
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 16:47:38.626
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Percentage of memory in use: 57%
Total physical RAM: 4077.64 MB
Available physical RAM: 1752.78 MB
Total Pagefile: 8153.46 MB
Available Pagefile: 5480.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:1811.92 GB) (Free:1295.02 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:25.54 GB) NTFS
Drive e: (KTS Multi-Device) (CDROM) (Total:0.52 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1811.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== End Of Log ============================
Evtl. hilft das ja was bei meinem Problem. MfG Tassimo |
|
29.01.2015, 14:53
| #17 |
   | Kaspersky 15 installertion kann nicht durchgeführt werden wg. "Basefiltering engine nicht vorhanden" Wenn die Windows-Firewall sich auch nicht mehr starten lässt dann deutet das eindeutig auf einen Malwarebefall hin, du wirst um eine Neuinstallation nicht herumkommen.
__________________ |
|
29.01.2015, 16:06
| #18 |
| | Kaspersky 15 installertion kann nicht durchgeführt werden wg. "Basefiltering engine nicht vorhanden" Natürlich wird er das.Schrauber usw. sind auf malware spezialisiert .Und das kann tausende gründe haben man muss nicht immer eine Neuinstallation machen
__________________
__________________ |
|
29.01.2015, 16:33
| #19 | |
| | Kaspersky 15 installertion kann nicht durchgeführt werden wg. "Basefiltering engine nicht vorhanden"Zitat:
Das wollte ich hören, denn, würde eine Neuinstallation bedeuten, dass ich mir auch ein neues Windows zulegen muss? Ich hatte den PC nämlich mit Windows bekommen und also auch gar keine Windows-CD. Oder geht das evtl. auch "PC intern"? |
|
29.01.2015, 16:44
| #20 |
| | Kaspersky 15 installertion kann nicht durchgeführt werden wg. "Basefiltering engine nicht vorhanden" tino hab noch was anderes für dich 1.)führe die Reg datei im anhang aus 2.)Pc neustart 3.)Klicke die Windowstaste +R und gib regedit ein 4.)gehe zu HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE 5.)Rechtsklick auf den Ordner, gehe zum Reiter bBerechtigung und aktiviere Vollzugriff für jeden User 6.)Klicke erneut Windowstaste +R und gib services.msc ein 7.)Suche und aktiviere die beiden Dienste base filtering engine service windows firewall service 8.)Neustart Zu deiner Frage du brauchst die Windows-Cd für eine Neuinstallation nicht.Du kannst dir mit einer iso-Datei selbst eine ertsellen, das ist jetzt aber nicht relevant
__________________ Gruss momolol |
|
29.01.2015, 17:08
| #21 |
| | Kaspersky 15 installertion kann nicht durchgeführt werden wg. "Basefiltering engine nicht vorhanden" Vielen Dank momolol404, @Ich warte noch auf das was Schrauber sagt. (Ich will ja nich noch mehr kaputt machen)  LG Tassimo |
|
29.01.2015, 17:11
| #22 |
| | Kaspersky 15 installertion kann nicht durchgeführt werden wg. "Basefiltering engine nicht vorhanden" Ich hatte auch mal so ein Problem wenn du auf Schruaber warten willst kannst du das sehr gerne tun
__________________ Gruss momolol |
|
29.01.2015, 17:14
| #23 |
| | Kaspersky 15 installertion kann nicht durchgeführt werden wg. "Basefiltering engine nicht vorhanden" Ich bin eigentlich auch sehr versucht das zu machen, aber die Frage ist, was passiert, wenn das nichts bringt. Richte ich dann damit nur mehr schaden an? |
|
29.01.2015, 17:24
| #24 |
| | Kaspersky 15 installertion kann nicht durchgeführt werden wg. "Basefiltering engine nicht vorhanden" Nein tust du nicht und selbst wenn du könntest in 2 minuten ein Registry Backup machenund alles wäre wie früher
__________________ Gruss momolol |
|
29.01.2015, 17:51
| #25 |
 | Kaspersky 15 installertion kann nicht durchgeführt werden wg. "Basefiltering engine nicht vorhanden" Auf deinem Rechner ist so einiges zu bereinigen. Ohh lala. Schrauber wird dir Anweisungen geben, wie du sie wieder los wirst. |
|
29.01.2015, 17:53
| #26 |
| | Kaspersky 15 installertion kann nicht durchgeführt werden wg. "Basefiltering engine nicht vorhanden" Okay danke  ich warte dann so lange.Vielen Dank schonmal für eure Hilfe |
|
29.01.2015, 17:55
| #27 |
| | Kaspersky 15 installertion kann nicht durchgeführt werden wg. "Basefiltering engine nicht vorhanden" ziemlich vollgemüllten Pc den du da hast
__________________ Gruss momolol |
|
29.01.2015, 17:56
| #28 |
| | Kaspersky 15 installertion kann nicht durchgeführt werden wg. "Basefiltering engine nicht vorhanden" Ohje wieso das denn?? Und wieso ist mir das nie aufgefallen? |
|
29.01.2015, 18:01
| #29 |
| | Kaspersky 15 installertion kann nicht durchgeführt werden wg. "Basefiltering engine nicht vorhanden" Ziemlich viele Plugins und Programme.Hast vllt. ieine illegale Software auf dein PC.Räum mal dein Atuostart etwas auf und eine menge Toolbars und so wie ich das erkennen konnte hast du zeroacces auf dein pc(Virus)
__________________ Gruss momolol |
|
29.01.2015, 18:02
| #30 |
| | Kaspersky 15 installertion kann nicht durchgeführt werden wg. "Basefiltering engine nicht vorhanden" Ohje das ist nicht gut! Wie kann ich denn meinen Autostart aufräumen? |
|
| Themen zu Kaspersky 15 installertion kann nicht durchgeführt werden wg. "Basefiltering engine nicht vorhanden" |
| altes, antivierenprogramm, bereits, durchgeführt, engine, erklärt, fehlermeldung, heute, installer, installiere, inter, interne, internetsecurity, kaspersky, neue, nicht vorhanden, problem, programm, security, titel, total, total security, unwissend, version, vorhanden |
Kaspersky 15 installertion kann nicht durchgeführt werden wg. "Basefiltering engine nicht vorhanden"
Linear-Darstellung
