Plagegeister aller Art und deren Bekämpfung (pests of all kinds and how to fight them): Hard disk capacity fluctuates constantly without anything having been saved. Windows 7

#1
Hello, I'm getting desperate. My hard disk really shouldn't be excessively full. A short while ago I had only 3 GB left. After that I moved a lot of files to an external hard drive and deleted junk. Afterwards I had 35 GB again (out of 130 GB in total). However, for the past few days I have had massive problems. Yesterday, for example, I briefly had only 0.98 GB left, then 16 GB again, and it is now settling at around 3 GB. Yet I am saving hardly anything additional. I have a Lenovo ThinkPad; the hotline there said it must be a virus, but my scanners find nothing.

The results of the scan:

FRST log file:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015 Ran by geht dich nichts an (administrator) on GEHTDICHNICHTSA on 02-02-2015 18:37:52 Running from C:\Users\geht dich nichts an\Downloads Loaded Profiles: geht dich nichts an (Available profiles: UpdatusUser & geht dich nichts an) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (UPEK Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Conexant Systems Inc.) 
C:\Windows\System32\CxAudMsg64.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Lenovo.) 
C:\Windows\System32\TpShocks.exe () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe () C:\Windows\Samsung\PanelMgr\SSMMgr.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe () C:\Windows\Samsung\PanelMgr\caller64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Dropbox, Inc.) C:\Users\geht dich nichts an\AppData\Roaming\Dropbox\bin\Dropbox.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Macrovision Europe Ltd.) 
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe (Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe () C:\Program Files\ThinkPad\Bluetooth Software\Bluetooth Headset Helper.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (SmartStore AG) C:\Program Files (x86)\SmartStore\SmartStore.biz 6\SMBiz6.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\app\StarMoney.exe (SmartStore AG) C:\Program Files (x86)\SmartStore\SmartStore Office\SMOffice.exe () C:\Windows\System32\spool\drivers\x64\3\usp01pi.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE () C:\Program Files (x86)\Wunderlist\WunderlistApp.exe () C:\Program Files (x86)\Wunderlist\WunderlistApp.exe () C:\Program Files (x86)\Wunderlist\WunderlistApp.exe 
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BluetoothHeadsetProxy.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE () C:\Users\geht dich nichts an\Downloads\Defogger.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2789160 2011-05-19] (Synaptics Incorporated) HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] () HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-03-14] (Conexant systems, Inc.) HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [40808 2011-05-31] (Lenovo Group Limited) HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281960 2011-05-25] (Lenovo Group Limited) HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [31592 2011-04-14] (Lenovo) HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation) HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] () HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.) HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.) 
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\panelmgr\SSMMgr.exe [692224 2012-02-15] () HKLM-x32\...\Run: [ROC_roc_ssl_v12] => "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe_ID0EYTHM] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-01-20] (Apple Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-11] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-07-22] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.) Winlogon\Notify\ScCertProp: wlnotify.dll [X] Winlogon\Notify\ScCertProp-x32: wlnotify.dll [X] HKU\S-1-5-21-1025189115-1702591184-657064703-1001\...\Run: [015E326E56C484A7B79C54B8DDA85BB3212D265E._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-01-27] (Google Inc.) 
HKU\S-1-5-21-1025189115-1702591184-657064703-1001\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-1025189115-1702591184-657064703-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872168 2014-12-11] (Skype Technologies S.A.) HKU\S-1-5-21-1025189115-1702591184-657064703-1001\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [226920 2011-06-01] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [192616 2011-06-01] (NVIDIA Corporation) Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (Samsung Electronics Co., Ltd.) Startup: C:\Users\geht dich nichts an\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\geht dich nichts an\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
Startup: C:\Users\geht dich nichts an\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1025189115-1702591184-657064703-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1025189115-1702591184-657064703-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs HKU\S-1-5-21-1025189115-1702591184-657064703-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch 
HKU\S-1-5-21-1025189115-1702591184-657064703-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad HKU\S-1-5-21-1025189115-1702591184-657064703-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie SearchScopes: HKLM -> DefaultScope value is missing. SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope value is missing. SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1025189115-1702591184-657064703-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1025189115-1702591184-657064703-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.holasearch.com/?q={searchTerms}&affID=121962&babsrc=SP_ss&mntrId=20972477034F5745 SearchScopes: HKU\S-1-5-21-1025189115-1702591184-657064703-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP SearchScopes: HKU\S-1-5-21-1025189115-1702591184-657064703-1001 -> {9F31F7DF-E690-4C20-9161-5673FBBF47CE} URL = hxxp://search.softonic.com/MON00016/tb_v1?q={searchTerms}&SearchSource=4&cc= BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-1025189115-1702591184-657064703-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\geht dich nichts an\AppData\Roaming\Mozilla\Firefox\Profiles\lgr03xyy.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll () FF Plugin: 
@java.com/DTPlugin,version=10.10.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.10.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.10.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Extension: Screengrab (fix version) - C:\Users\geht dich nichts an\AppData\Roaming\Mozilla\Firefox\Profiles\lgr03xyy.default\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2014-08-24] FF Extension: Vine Video Download - C:\Users\geht dich nichts an\AppData\Roaming\Mozilla\Firefox\Profiles\lgr03xyy.default\Extensions\{776f38cb-6255-4b92-b5cf-e5c71ff2b688}.xpi [2014-08-24] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-29] FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Protector by IB\Firefox FF HKLM-x32\...\Firefox\Extensions: [VIP@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2012-02-03] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-10] Chrome: ======= CHR HomePage: Default -> hxxp://www.google.de/ CHR StartupUrls: Default -> "hxxp://www.google.de/", "hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p07_serp_cr_de_display?ie=UTF8&tagbase=bds-p07&tbrId=v1_abb-channel-7_a3d180cb2ee64df2852dd7e2326a0adf_30_46_20131202_DE_cr_sp_IS0" CHR Profile: C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05] CHR Extension: (Adblock Plus) - C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-05-29] CHR Extension: (Avira Browserschutz) - C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-03-11] CHR Extension: (Porsche) - 
C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg [2013-05-29] CHR Extension: (Skype Click to Call) - C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-01-05] CHR Extension: (Simply Block Ads!) - C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfjefnfnmmnkcckbjjcganphignempo [2013-05-29] CHR Extension: (Google Wallet) - C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21] CHR HKLM-x32\...\Chrome\Extension: [aaaappmhgaaggeoepicjahnbofmjacog] - C:\Users\geht dich nichts an\AppData\Local\APN\GoogleCRXs\aaaappmhgaaggeoepicjahnbofmjacog_7.14.1.0.crx [Not Found] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-09] CHR HKLM-x32\...\Chrome\Extension: [hpilclpacieflhmobalmaccogiioldoo] - C:\ProgramData\Bcool\hpilclpacieflhmobalmaccogiioldoo.crx [Not Found] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.) R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-09] (AVAST Software) R2 BecHelperService; C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe [1737464 2010-01-28] () R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [478056 2011-08-31] (Lenovo.) R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-10-02] (Macrovision Europe Ltd.) [File not signed] R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited) R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [237056 2012-04-26] (Samsung Electronics Co., Ltd.) [File not signed] R2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH) R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH) S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1492280 2011-08-18] (Lenovo Group Limited) R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [82544 2011-07-12] (Symantec Corporation) R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-07-22] (Western Digital Technologies, Inc.) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-06-02] (Western Digital Technologies, Inc.) 
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [594984 2011-04-07] (Ericsson AB) S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X] S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-09] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-09] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-09] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-09] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-09] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG) S3 CHIPDRIVE USB SmartCardReader; C:\Windows\SysWOW64\DRIVERS\TwkUsb2K.sys [35275 2005-09-19] (SCM Microsystems Inc.) [File not signed] S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.) 
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2010-02-23] (Ericsson AB) R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2010-02-23] (Ericsson AB) U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2010-01-28] (Huawei Technologies Co., Ltd.) S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2010-01-28] (Huawei Technologies Co., Ltd.) R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [101416 2011-02-28] (Ericsson AB) R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [419400 2011-04-13] (MCCI Corporation) R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [430664 2011-04-13] (MCCI Corporation) R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2011-04-13] (MCCI Corporation) R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [483400 2011-04-13] (MCCI Corporation) S2 mdvrmng; C:\Windows\SysWOW64\drivers\mdvrmng.sys [10240 2010-01-28] () [File not signed] S3 RTL2832UBDA; C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys [117152 2009-10-26] (REALTEK SEMICONDUCTOR Corp.) S3 RTL2832UUSB; C:\Windows\SysWOW64\Drivers\RTL2832UUSB.sys [38944 2009-10-26] (REALTEK SEMICONDUCTOR Corp.) S3 RTL2832U_IRHID; C:\Windows\SysWOW64\DRIVERS\RTL2832U_IRHID.sys [44320 2009-10-05] (Realtek) R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13840 2009-03-13] (UPEK Inc.) R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-30] (Lenovo Information Product(ShenZhen China) Inc.) S0 TwkMs; C:\Windows\SysWow64\Drivers\TwkMs.sys [4828 2003-04-24] (Towitoko AG) S3 TWKSER2K; C:\Windows\SysWOW64\DRIVERS\TWKSER2K.sys [185611 2004-08-25] (SCM Microsystems Inc.) 
[File not signed] R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [286248 2011-04-06] (Ericsson AB) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 PCDSRVC{127174DC-C366ED8B-06020200}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [X] S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-02 18:37 - 2015-02-02 18:38 - 00032997 ____C () C:\Users\geht dich nichts an\Downloads\FRST.txt 2015-02-02 18:37 - 2015-02-02 18:38 - 00000000 ___DC () C:\FRST 2015-02-02 18:37 - 2015-02-02 18:37 - 02131456 ____C (Farbar) C:\Users\geht dich nichts an\Downloads\FRST64.exe 2015-02-02 18:36 - 2015-02-02 18:36 - 00000000 ____C () C:\Users\geht dich nichts an\defogger_reenable 2015-02-02 18:35 - 2015-02-02 18:36 - 00000500 ____C () C:\Users\geht dich nichts an\Downloads\defogger_disable.log 2015-02-02 18:35 - 2015-02-02 18:35 - 00000272 ____C () C:\Users\geht dich nichts an\Downloads\defogger_enable.log 2015-02-02 18:34 - 2015-02-02 18:34 - 00050477 ____C () C:\Users\geht dich nichts an\Downloads\Defogger.exe 2015-02-02 10:05 - 2015-02-02 13:14 - 00000168 ____C () C:\Windows\setupact.log 2015-02-02 10:05 - 2015-02-02 10:05 - 00000000 ____C () C:\Windows\setuperr.log 2015-02-01 22:04 - 2015-02-01 22:04 - 00000000 ___DC () C:\Users\geht dich nichts an\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte 2015-01-31 10:29 - 2015-01-31 10:29 - 00011047 _____ () C:\Users\geht dich nichts an\Documents\bestellung kappen zwetz mit namen.xlsx 2015-01-30 19:40 - 2015-01-30 19:40 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-01-30 19:40 - 2015-01-30 19:40 
- 00000000 ___DC () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-01-30 19:40 - 2015-01-30 19:40 - 00000000 ___DC () C:\Program Files\iTunes 2015-01-30 19:40 - 2015-01-30 19:40 - 00000000 ___DC () C:\Program Files\iPod 2015-01-30 19:40 - 2015-01-30 19:40 - 00000000 ___DC () C:\Program Files (x86)\iTunes 2015-01-29 21:04 - 2015-01-29 21:05 - 05322912 ____C (TeamViewer) C:\Users\geht dich nichts an\Downloads\TeamViewerQS_de.exe 2015-01-29 20:57 - 2015-01-29 20:57 - 00974024 ____C (TeamViewer) C:\Users\geht dich nichts an\Downloads\TeamViewerQS_de.exe.part 2015-01-29 15:42 - 2015-01-29 15:42 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Firefox 2015-01-25 18:18 - 2015-01-25 18:18 - 00003574 ____C () C:\Users\geht dich nichts an\Desktop\Stromverbrauchssteuerung - Verknüpfung.lnk 2015-01-14 08:26 - 2015-01-15 03:03 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-14 08:26 - 2015-01-15 03:03 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-14 08:26 - 2015-01-15 03:03 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2015-01-14 08:26 - 2015-01-15 03:03 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-14 08:26 - 2015-01-15 03:03 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-14 08:26 - 2015-01-15 03:03 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2015-01-14 08:26 - 2015-01-15 03:02 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-01-14 08:26 - 2015-01-15 03:02 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-14 08:26 - 2015-01-15 03:02 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-14 08:26 - 2015-01-15 03:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-01-14 08:26 - 2015-01-15 03:02 - 00296960 _____ (Microsoft Corporation) 
C:\Windows\system32\rstrui.exe 2015-01-14 08:26 - 2015-01-15 03:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-01-14 08:26 - 2015-01-15 03:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-01-13 15:39 - 2015-01-13 15:40 - 00000000 ___DC () C:\Users\geht dich nichts an\Documents\gd l 85 2015-01-03 17:45 - 2015-02-02 15:30 - 00000000 ___DC () C:\Users\geht dich nichts an\AppData\Local\Wunderlist 2015-01-03 17:38 - 2015-01-03 17:38 - 00002519 ____C () C:\Users\Public\Desktop\Wunderlist.lnk 2015-01-03 17:38 - 2015-01-03 17:38 - 00002505 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wunderlist.lnk 2015-01-03 17:38 - 2015-01-03 17:38 - 00000000 ___DC () C:\Program Files (x86)\Wunderlist ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-02 18:36 - 2012-04-12 14:37 - 00000000 ___DC () C:\Users\geht dich nichts an 2015-02-02 18:32 - 2012-04-15 21:50 - 00000000 ___DC () C:\Users\geht dich nichts an\AppData\Roaming\Skype 2015-02-02 18:17 - 2012-02-03 18:19 - 01883972 ____C () C:\Windows\WindowsUpdate.log 2015-02-02 17:47 - 2013-01-04 16:50 - 00000884 ____C () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-02-02 17:47 - 2012-02-03 18:21 - 00001110 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-02 15:24 - 2012-04-18 20:27 - 00000000 ___DC () C:\Users\geht dich nichts an\Documents\Vororder 2015-02-02 14:43 - 2012-04-12 14:45 - 00000000 ___DC () C:\Users\geht dich nichts an\Documents\diverse 2015-02-02 14:15 - 2012-02-04 02:52 - 00710150 ____C () C:\Windows\system32\perfh007.dat 2015-02-02 14:15 - 2012-02-04 02:52 - 00154554 ____C () C:\Windows\system32\perfc007.dat 2015-02-02 14:15 - 2009-07-14 06:13 - 01649556 ____C () C:\Windows\system32\PerfStringBackup.INI 2015-02-02 13:43 - 2012-02-03 18:21 - 00001106 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-02 13:31 
- 2009-07-14 05:45 - 00031296 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-02 13:31 - 2009-07-14 05:45 - 00031296 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-02 13:29 - 2013-08-18 13:55 - 00000099 ____C () C:\Users\Public\LMDebug.log 2015-02-02 13:17 - 2012-12-27 12:25 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\CrashDumps 2015-02-02 13:15 - 2014-07-26 11:35 - 00008192 ____C () C:\Windows\SysWOW64\WDPABKP.dat 2015-02-02 13:15 - 2013-07-18 09:54 - 00000000 __RDC () C:\Users\geht dich nichts an\Dropbox 2015-02-02 13:15 - 2013-07-18 09:51 - 00000000 ___DC () C:\Users\geht dich nichts an\AppData\Roaming\Dropbox 2015-02-02 13:15 - 2012-02-03 18:13 - 00000000 ___DC () C:\ProgramData\NVIDIA 2015-02-02 13:14 - 2013-10-07 21:53 - 00000466 ____C () C:\Windows\Tasks\SystemToolsDailyTest.job 2015-02-02 13:14 - 2009-07-14 06:08 - 00000006 ___HC () C:\Windows\Tasks\SA.DAT 2015-02-02 12:37 - 2014-01-23 10:59 - 00000000 ___DC () C:\Users\geht dich nichts an\Documents\obi 2015-02-02 12:33 - 2012-04-18 20:26 - 00000000 ___DC () C:\Users\geht dich nichts an\Documents\webordner ab 20.7.07 2015-02-02 12:33 - 2012-04-12 14:44 - 00000000 ___DC () C:\Users\geht dich nichts an\Documents\brech 2015-02-02 12:13 - 2013-10-07 21:53 - 00003534 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest 2015-02-02 12:13 - 2013-10-07 21:53 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher 2015-02-02 11:56 - 2013-11-22 17:25 - 00000000 ___DC () C:\Program Files (x86)\StarMoney 9.0 2015-02-02 10:28 - 2012-05-03 06:23 - 00000000 ___DC () C:\Users\geht dich nichts an\AppData\Local\CrashDumps 2015-02-02 09:53 - 2013-02-10 14:19 - 00000000 ___DC () C:\Windows\Minidump 2015-02-01 14:03 - 2012-04-12 14:48 - 00000000 ___DC () C:\Users\geht dich nichts an\Documents\SmartStore Office Projekte 2015-02-01 12:52 - 2009-07-14 04:20 - 00000000 ___DC () 
C:\Windows\system32\NDF 2015-02-01 12:13 - 2013-05-08 09:56 - 00560020 ____C () C:\Windows\PFRO.log 2015-02-01 11:57 - 2012-02-03 18:21 - 00000000 ___DC () C:\ProgramData\PCDr 2015-01-31 10:32 - 2012-04-12 14:54 - 00000000 ___DC () C:\Users\geht dich nichts an\Documents\Angebote Badekappen 2015-01-30 19:40 - 2012-04-19 18:57 - 00000000 ___DC () C:\Program Files\Common Files\Apple 2015-01-30 12:48 - 2013-08-18 14:05 - 00000000 ___DC () C:\Users\geht dich nichts an\Documents\Scan 2015-01-29 23:55 - 2012-04-12 14:45 - 00000000 ___DC () C:\Users\geht dich nichts an\Documents\dateien ursula 2015-01-29 23:55 - 2012-04-12 14:45 - 00000000 ___DC () C:\Users\geht dich nichts an\Documents\dateien Harald 2015-01-29 22:54 - 2013-11-10 11:39 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Maintenance Service 2015-01-29 22:11 - 2012-04-12 14:38 - 00155752 ____C () C:\Users\geht dich nichts an\AppData\Local\GDIPFONTCACHEV1.DAT 2015-01-29 22:10 - 2009-07-14 05:45 - 02475592 ____C () C:\Windows\system32\FNTCACHE.DAT 2015-01-29 22:05 - 2012-02-03 18:15 - 00000000 ___DC () C:\Program Files (x86)\Corel 2015-01-29 21:57 - 2012-02-03 18:04 - 00000000 __HDC () C:\Program Files (x86)\InstallShield Installation Information 2015-01-29 21:52 - 2012-02-03 18:18 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel DVD MovieFactory Lenovo Edition 2015-01-29 21:52 - 2012-02-03 18:17 - 00000000 ___DC () C:\ProgramData\Ulead Systems 2015-01-29 21:05 - 2013-09-23 18:05 - 00000000 ___DC () C:\Users\geht dich nichts an\AppData\Roaming\TeamViewer 2015-01-29 21:02 - 2014-06-10 10:25 - 00004182 _____ () C:\Windows\System32\Tasks\avast! 
Emergency Update 2015-01-29 21:00 - 2013-05-25 15:24 - 00002335 ____C () C:\Users\geht dich nichts an\Desktop\Google Chrome.lnk 2015-01-27 10:33 - 2012-04-14 13:13 - 00000000 ___DC () C:\Users\geht dich nichts an\AppData\Roaming\FileZilla 2015-01-27 10:09 - 2013-08-27 08:48 - 00000000 ___DC () C:\Users\geht dich nichts an\AppData\Local\S2PC 2015-01-27 10:09 - 2012-04-12 21:18 - 00000000 ___DC () C:\Users\geht dich nichts an\Documents\Fax 2015-01-25 17:45 - 2013-01-04 16:50 - 00701616 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-25 17:45 - 2013-01-04 16:50 - 00071344 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-25 17:45 - 2013-01-04 16:50 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-01-25 12:47 - 2009-07-14 04:20 - 00000000 _RSDC () C:\Windows\Media 2015-01-22 16:13 - 2012-04-12 14:46 - 00000000 ___DC () C:\Users\geht dich nichts an\Documents\preislisten 2015-01-21 09:20 - 2013-10-07 21:53 - 00000528 ____C () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job 2015-01-18 07:36 - 2013-10-07 21:53 - 00004274 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask 2015-01-17 19:41 - 2013-12-22 17:57 - 00000000 ___DC () C:\Users\geht dich nichts an\Documents\Frankfurt Lötzener 2015-01-07 17:40 - 2014-08-31 17:09 - 00000066 ____C () C:\Users\geht dich nichts an\Documents\debug.log 2015-01-03 19:33 - 2013-07-18 09:54 - 00001078 ____C () C:\Users\geht dich nichts an\Desktop\Dropbox.lnk 2015-01-03 19:33 - 2013-07-18 09:52 - 00000000 ___DC () C:\Users\geht dich nichts an\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox ==================== Files in the root of some directories ======= 2012-04-12 15:03 - 2011-08-09 16:36 - 0223808 ____C () C:\Users\geht dich nichts an\AppData\Roaming\wanancsp.dat 2012-04-13 18:16 - 2012-04-13 18:16 - 0000107 ____C () C:\Users\geht dich nichts an\AppData\Local\fusioncache.dat 2012-04-12 21:23 - 2012-10-13 09:33 - 
0007029 ____C () C:\ProgramData\hpzinstall.log
2012-05-06 14:34 - 2012-05-06 14:34 - 0000952 __SHC () C:\ProgramData\KGyGaAvL.sys

Files to move or delete:
====================
C:\Users\geht dich nichts an\WDMyCloud_win.exe

Some content of TEMP:
====================
C:\Users\geht dich nichts an\AppData\Local\Temp\avgnt.exe
C:\Users\geht dich nichts an\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\geht dich nichts an\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4z2c8r.dll
C:\Users\geht dich nichts an\AppData\Local\Temp\ResetDevice.exe
C:\Users\test\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-25 15:03

==================== End Of Log ============================

FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by geht dich nichts an at 2015-02-02 18:39:50
Running from C:\Users\geht dich nichts an\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3Connect (HKLM-x32\...\{A899DA1F-D626-401C-8651-F2921E3B4CB3}) (Version: 3.0.0 - 3 Mobile Broadband)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Creative Suite 3 Design Standard hinzufügen oder entfernen (HKLM-x32\...\Adobe_c5cbed37a01f242ac41d8f4528b7a0d) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AHV content for Acrobat and Flash (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software) Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira) Benutzerhandbuch anzeigen (HKLM-x32\...\View User Guide) (Version: 3.60.43.0 - ) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Bonjour-Druckdienste (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.) Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation) Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden CHIPDRIVE extern/intern/micro treiber 3.1 (HKLM-x32\...\{AA898D01-D4E3-43C6-8E25-70CA660B9F16}) (Version: 3.04.0001 - SCM Microsystems) CHIPDRIVE Smartcard Commander (HKLM-x32\...\CHIPDRIVE Smartcard Commander_CDInst21) (Version: - SCM Microsystems) Common Desktop Agent (Version: 1.62.0 - OEM) Hidden Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.0 - Conexant) Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation) Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dienstprogramm "ThinkPad UltraNav" (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo) Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 
(HKLM\...\DisableAMTPopup) (Version: 1.00 - ) Dropbox (HKU\S-1-5-21-1025189115-1702591184-657064703-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.) FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project) Finale NotePad 2012 (HKLM-x32\...\Finale NotePad 2012) (Version: 2012..r1.5 - MakeMusic) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Huawei modem (HKLM-x32\...\Huawei Modems) (Version: - ) iDRS(tm) OCR Software by I.R.I.S (HKLM-x32\...\iDRS(tm) OCR Software by I.R.I.S) (Version: 1.00.17 (17.04.2012) - Samsung Electronics Co., Ltd.) Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH) Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.) Intel PROSet Wireless (x32 Version: - ) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2321 - Intel Corporation) Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation) iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.) 
Java 7 Update 10 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417010FF}) (Version: 7.0.100 - Oracle) Java 7 Update 10 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217010FF}) (Version: 7.0.100 - Oracle) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.10 - ) Lenovo Mobile Broadband Activation (HKLM-x32\...\{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}) (Version: 4.0.0019.00 - Lenovo Group Limited) Lenovo Patch Utility (HKLM-x32\...\{24E92E7A-6848-4747-A3EA-3AAC0576BE52}) (Version: 1.00.0000 - Lenovo Group Limited) Lenovo Patch Utility 64 bit (HKLM\...\{39A04221-294E-4D90-A0F2-CCB1EF15CB56}) (Version: 1.20.0001 - Lenovo Group Limited) Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - ) Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.) Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Ihr Firmenname) Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 1.1 German Language Pack (HKLM-x32\...\{E78BFA60-5393-4C38-82AB-E8019E464EB4}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) 
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 
(HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 6.4.1.6 - Ericsson AB) Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA 3D Vision Treiber 268.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.71 - NVIDIA Corporation) NVIDIA Grafiktreiber 268.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.71 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.2.23.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.23.3 - NVIDIA Corporation) paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC) PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.0 - Frank Heindörfer, Philip Chinery) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) RapidBoot (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.11 - Lenovo) RapidDrive Advanced Version 1.0.12 (HKLM-x32\...\{F8F9F1AC-5CB0-4DBB-87FA-1A6BC4EA02E5}_is1) (Version: 1.0.12 - LENOVO, Inc.) 
REALTEK DTV USB DEVICE (HKLM-x32\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek) Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - ) Rescue and Recovery (HKLM-x32\...\{BDB3E73F-5ECA-441D-96E1-F1CFCF3D427D}) (Version: 4.50.0025.00 - Lenovo Group Limited) RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH) Samsung CLX-3300 Series (HKLM-x32\...\Samsung CLX-3300 Series) (Version: 1.04 (07.07.2012) - Samsung Electronics Co., Ltd.) Samsung Drucker-Diagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.0.15 - Samsung Electronics Co., Ltd.) Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.92 (14.03.2014) - Samsung Electronics Co., Ltd.) Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.51.00(19.06.2014) - Samsung Electronics Co., Ltd.) Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.60.49.0 - Samsung Electronics Co., Ltd.) Samsung M2020 Series (HKLM-x32\...\Samsung M2020 Series) (Version: 1.14 (16.07.2014) - Samsung Electronics Co., Ltd.) Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.14 (16.07.2014) - Samsung Electronics Co., Ltd.) Samsung ML-1610 Series (HKLM-x32\...\Samsung ML-1610 Series) (Version: - ) Samsung ML-1640 Series (HKLM-x32\...\Samsung ML-1640 Series) (Version: - Samsung Electronics CO.,LTD) Samsung ML-2240 Series (HKLM-x32\...\Samsung ML-2240 Series) (Version: - Samsung Electronics CO.,LTD) Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.06.24 (25.04.2012) - Samsung Electronics Co., Ltd.) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Samsung Scan Process Machine (x32 Version: 1.02.07.02 - Samsung Electronics Co., Ltd.) 
Hidden SCR201 PC/SC and CT-API Drivers Installation (HKLM-x32\...\{8CB0671F-2D9D-4604-93B8-AB00F9B1F85D}) (Version: - ) SCR3xxx Smart Card Reader (HKLM-x32\...\{9C411EF9-6EBA-46E3-8132-EDADF1CC0B16}) (Version: 8.41 - SCM Microsystems) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) SmartStore Office 1.1 (HKLM-x32\...\{FFE4F517-A123-426E-BCB7-1EB37F9CB641}) (Version: 1.1.61 - SmartStore AG) SmartStore.biz 6 (HKLM-x32\...\{0B8AE7AF-E2AC-40AB-A1CF-3259101E81E8}) (Version: 6.4.2 - SmartStore AG) SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd) StarMoney (x32 Version: 1.0 - StarFinanz) Hidden StarMoney (x32 Version: 3.0.0.124 - StarFinanz) Hidden StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden StarMoney 8.0 (HKLM-x32\...\{4B2D9AAC-A6C5-47DD-9F78-4A85DA5B8F62}) (Version: 8.0 - Star Finanz GmbH) StarMoney 9.0 (HKLM-x32\...\{50019E5F-674F-4633-840F-1817E8EC547D}) (Version: 9.0 - Star Finanz GmbH) SuperCar (HKLM-x32\...\SuperCar) (Version: - ) System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.01.0015 - Lenovo) ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.1500 - Broadcom Corporation) ThinkPad Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.63 - ) ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - ) ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.61.00.11 - ) ThinkPad UltraNav Driver 
(HKLM\...\SynTPDeinstKey) (Version: 15.3.8.0 - ) ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 5.84 - Lenovo) ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.03 - Lenovo) ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.07 - Lenovo) ThinkVantage Fingerprint Software (HKLM\...\{502EE63C-9A62-4330-8F8B-1EAB51B7BB46}) (Version: 5.9.4.6882 - UPEK Inc.) ThinkVantage GPS (HKLM-x32\...\{6DB21B2C-2BEF-44B4-B264-8EC2BC2369C6}) (Version: 2.73 - Lenovo) ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.73 - Lenovo) VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.2.141 - VeriSign) WD My Cloud (HKLM\...\{8F19C800-80A5-4636-B560-39A58112D45B}) (Version: 1.0.4.37 - Western Digital Technologies, Inc.) WD Quick View (HKLM-x32\...\{57F80E51-A2F3-44AD-BA17-3275B0433165}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.) WD SmartWare (HKLM\...\{2A9937AF-6650-40D6-ADFA-EEB731B908DF}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.) WD SmartWare Installer (HKLM-x32\...\{2d588de7-f4f6-4d6d-8719-32cbb9637e9e}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.) 
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows-Treiberpaket - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel) Windows-Treiberpaket - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel) Windows-Treiberpaket - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\8058FF31D7C7F4818DC176DAF53CD379968C86E4) (Version: 09/10/2010 9.2.0.1011 - Intel) Windows-Treiberpaket - Intel System (11/20/2010 9.2.0.1016) (HKLM\...\43B5066463CEBC83E99586A67037B6F9FC4193FE) (Version: 11/20/2010 9.2.0.1016 - Intel) Windows-Treiberpaket - Intel USB (12/21/2010 9.2.0.1021) (HKLM\...\0DD5528A211904214F70A66DE6ADBD378B21566D) (Version: 12/21/2010 9.2.0.1021 - Intel) Windows-Treiberpaket - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo) Windows-Treiberpaket - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0) (HKLM\...\DDD8A532E361E9A878EBEF69C338B306810DF059) (Version: 05/19/2011 15.3.8.0 - Synaptics) WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Wunderlist (HKLM-x32\...\{05005782-A2CD-4EF9-B838-C3B00FED2412}) (Version: 3.2.1.1 - 6 Wunderkinder GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
CustomCLSID: HKU\S-1-5-21-1025189115-1702591184-657064703-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\geht dich nichts an\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1025189115-1702591184-657064703-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geht dich nichts an\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1025189115-1702591184-657064703-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geht dich nichts an\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1025189115-1702591184-657064703-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geht dich nichts an\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1025189115-1702591184-657064703-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geht dich nichts an\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1025189115-1702591184-657064703-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geht dich nichts an\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1025189115-1702591184-657064703-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geht dich nichts an\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1025189115-1702591184-657064703-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geht dich nichts an\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1025189115-1702591184-657064703-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\geht dich nichts an\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 25-01-2015 12:47:13 Installiert Energie-Manager 29-01-2015 21:41:18 Konfiguriert Corel DVD MovieFactory 7 29-01-2015 21:58:26 Removed Corel WinDVD. 29-01-2015 22:01:18 Removed Corel WinDVD. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2013-01-03 12:12 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {045C48D7-F86C-4EFB-9FA9-4FDF5A4ADC17} - System32\Tasks\Western Digital\SmartWare\____Volume_bd3966c5_4e88_11e1_b64d_806e6f6e6963__dropbox_685e8fd5_e804_47a3_a050_0533a86f63dd_dropbox_ => C:\Program Files (x86)\Western Digital\WD SmartWare\BackupTask.exe [2014-07-22] (Western Digital Technologies, Inc.) Task: {272F3321-2DD8-4D3F-BFB6-165288BE9933} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.) Task: {37E4971D-539F-4C09-A8DC-B605492A41B5} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.) Task: {4A4E2F36-7414-4C93-B6DC-A5B0CAFEA97B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.) Task: {6CAB52D3-BBEB-4EBC-BC3C-5BDA0736A5E6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.) 
Task: {77056952-F6BC-4996-9384-DF75FA62C93D} - System32\Tasks\{1AA5BB76-83B3-469A-BD5C-264496751CD8} => pcalua.exe -a "C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe" -c /REMOVE Task: {7CF929BF-38E7-412D-8ED3-9C65AFBB88E8} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe Task: {9A62BD4A-A2C7-4F75-896B-8F1B8672E2CF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-09] (AVAST Software) Task: {A76E9A2D-7A35-4DEC-B6E2-EBBF14ED4E05} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe Task: {AD424563-D126-4398-8EE2-5617CD5DD830} - System32\Tasks\{E71CDD0D-9242-46FA-A10A-D43E269046A9} => pcalua.exe -a F:\Setup.exe -d F:\ Task: {C574AFD3-1112-4179-8360-EA896498A6F9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {CEABDAF5-B448-4317-ABA9-C4B521F0C77B} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation) Task: {D105237D-591E-44D4-8F16-8F6BA474C35A} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe Task: {E877A968-D596-4BCC-BD46-F92318AF3D1F} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.) 
Task: {F107244F-CFC1-4500-B70F-37DE4ECE6F7C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated) Task: {F172D4D9-58CC-4049-82D2-4AAB1F8ADC3F} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {F42945B4-97B5-4C10-8B84-89F848DE39E9} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe Task: {F6CECD30-AE44-40B6-81FE-15A6CC8D075E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {FE34AD48-B273-42B4-B0A4-72BF9B6003DD} - System32\Tasks\StartRapidDriveAdvancedServiceTask => net Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe ==================== Loaded Modules (whitelisted) ============= 2011-07-27 20:07 - 2011-07-27 20:07 - 01501696 ____N () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2014-11-07 17:31 - 2013-05-29 12:56 - 00034304 _____ () C:\Windows\System32\ssj2mlm.dll 2014-12-06 15:30 - 2013-05-29 13:01 - 00034304 _____ () C:\Windows\System32\ssm4mlm.dll 2009-08-28 10:52 - 2009-08-28 10:52 - 00022016 ____N () C:\Windows\System32\ssp1ml6.dll 2012-04-20 13:47 - 2008-01-11 05:19 - 00022016 ____N () C:\Windows\System32\ssp2ml6.dll 2013-06-21 12:52 - 2013-06-21 12:52 - 00034304 ____N () C:\Windows\System32\sst7clm.dll 2013-08-18 15:29 - 2012-01-09 14:58 - 00034304 ____N () 
C:\Windows\System32\sst7ylm.dll 2006-12-04 00:26 - 2006-12-04 00:26 - 00022016 ____N () C:\Windows\System32\sugo3l6.dll 2006-12-04 00:26 - 2006-12-04 00:26 - 00022016 ____N () C:\Windows\System32\sugs1l6.dll 2006-12-04 00:26 - 2006-12-04 00:26 - 00022016 ____N () C:\Windows\System32\sugs2l6.dll 2014-11-03 15:54 - 2014-04-16 09:22 - 00029184 _____ () C:\Windows\System32\usp01l.dll 2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-04-01 21:08 - 2010-01-28 12:47 - 01737464 _____ () C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe 2014-12-06 15:27 - 2013-02-22 13:29 - 00365568 ____C () C:\Windows\system32\SaMinDrv.dll 2013-11-26 10:05 - 2013-11-26 10:05 - 00091136 ____C () C:\Windows\system32\ssdevm64.dll 2012-02-03 18:14 - 2011-08-31 19:03 - 00055808 ____C () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL 2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 ____N () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2009-07-14 00:57 - 2009-07-14 02:40 - 00069120 ____N () C:\Windows\system32\BWContextHandler.dll 2012-02-04 02:48 - 2011-05-19 13:04 - 00057640 ____N () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll 2012-02-03 18:09 - 2010-10-26 05:40 - 00049056 ____N () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe 2012-02-03 18:13 - 2011-03-06 12:07 - 00094208 ____N () C:\Windows\System32\IccLibDll_x64.dll 2012-03-09 09:58 - 2012-03-09 09:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe 2012-03-09 09:58 - 2012-03-09 09:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll 2012-02-15 14:15 - 2012-02-15 14:15 - 00692224 ____N () C:\Windows\Samsung\PanelMgr\SSMMgr.exe 2012-04-20 13:47 - 2008-01-11 06:39 - 00327168 ____N () 
C:\Windows\Samsung\PanelMgr\caller64.exe 2010-12-18 15:50 - 2010-12-18 15:50 - 00171296 ____N () C:\Program Files\ThinkPad\Bluetooth Software\Bluetooth Headset Helper.exe 2014-11-03 15:54 - 2014-07-24 19:54 - 01194496 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\usp01du.dll 2014-11-03 15:54 - 2014-04-16 09:20 - 01817600 ____C () C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\X64\3\USP01UM.DLL 2014-11-07 17:31 - 2014-06-18 13:44 - 01325056 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\ssj2mdu.dll 2013-06-21 12:52 - 2013-06-21 12:52 - 01361408 ____C () C:\Windows\system32\spool\DRIVERS\x64\3\sst7cdu.dll 2013-08-18 15:29 - 2012-04-26 11:32 - 01186304 ____C () C:\Windows\system32\spool\DRIVERS\x64\3\sst7ydu.dll 2014-12-06 15:30 - 2014-06-18 13:46 - 01325056 ____C () C:\Windows\system32\spool\DRIVERS\x64\3\ssm4mdu.dll 2014-11-03 15:54 - 2014-07-04 07:39 - 00249368 _____ () c:\windows\system32\spool\drivers\x64\3\usp01pi.exe 2014-12-17 11:47 - 2014-12-17 11:47 - 41770496 ____C () C:\Program Files (x86)\Wunderlist\WunderlistApp.exe 2015-02-02 18:34 - 2015-02-02 18:34 - 00050477 ____C () C:\Users\geht dich nichts an\Downloads\Defogger.exe 2015-02-02 09:44 - 2015-02-02 09:44 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020200\algo.dll 2011-04-14 12:15 - 2011-04-14 12:15 - 00086016 ____N () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll 2013-02-12 21:26 - 2011-01-13 09:44 - 00232800 ____N () C:\Program Files (x86)\StarMoney 8.0\ouservice\PATCHW32.dll 2014-08-08 11:37 - 2011-01-13 11:44 - 00232800 ____C () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll 2012-02-03 18:12 - 2011-03-10 11:06 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll 2011-04-14 12:34 - 2011-04-14 12:34 - 00059392 ____N () C:\Program Files (x86)\Lenovo\Access Connections\ACSonyEricssonHlpr.dll 2012-02-03 18:15 - 2010-04-06 09:05 - 02085888 ____N () C:\Program Files\Lenovo\AutoLock\cv210.dll 2012-02-03 18:15 - 2010-04-06 09:04 - 
02201088 ____N () C:\Program Files\Lenovo\AutoLock\cxcore210.dll 2014-12-09 22:23 - 2014-12-09 22:23 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00750080 ____C () C:\Users\geht dich nichts an\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-02-02 13:15 - 2015-02-02 13:15 - 00043008 ____C () c:\Users\geht dich nichts an\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4z2c8r.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00047616 ____C () C:\Users\geht dich nichts an\AppData\Roaming\Dropbox\bin\libEGL.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00863744 ____C () C:\Users\geht dich nichts an\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00200704 ____C () C:\Users\geht dich nichts an\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2013-07-26 11:34 - 2013-07-26 11:34 - 05279744 _____ () C:\Program Files (x86)\SmartStore\SmartStore.biz 6\Bin\SMResLib.dll 2013-07-26 11:34 - 2013-07-26 11:34 - 00020480 _____ () C:\Program Files (x86)\SmartStore\SmartStore.biz 6\Bin\SMRes1031.dll 2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 ____N () C:\Windows\SysWOW64\msjetoledb40.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 ____N () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf 2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 ____N () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll 2015-01-29 15:42 - 2015-01-29 15:42 - 03925104 ____C () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2006-10-23 00:49 - 2006-10-23 00:49 - 03407872 ____N () c:\program files (x86)\adobe\acrobat 8.0\acrobat\exlang32.deu 2006-10-23 00:34 - 2006-10-23 00:34 - 00036864 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Spelling.DEU 2006-10-23 00:29 - 2006-10-23 00:29 - 00009728 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\ADBC.DEU 2006-10-23 00:33 - 2006-10-23 
00:33 - 00970752 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\PPKLite.DEU 2006-10-23 00:29 - 2006-10-23 00:29 - 00077824 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Accessibility.DEU 2006-10-23 00:29 - 2006-10-23 00:29 - 00798720 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\AcroForm.DEU 2006-10-23 00:32 - 2006-10-23 00:32 - 01224704 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Annots.DEU 2006-10-23 00:29 - 2006-10-23 00:29 - 00053248 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Catalog.DEU 2006-10-23 00:29 - 2006-10-23 00:29 - 00192512 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Checkers.DEU 2006-10-23 00:30 - 2006-10-23 00:30 - 00225280 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\DigSig.DEU 2006-10-23 00:30 - 2006-10-23 00:30 - 00015872 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\DistillerPI.DEU 2006-10-23 00:30 - 2006-10-23 00:30 - 00028672 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\eBook.DEU 2006-10-23 00:31 - 2006-10-23 00:31 - 00229376 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Editor.DEU 2006-10-23 00:31 - 2006-10-23 00:31 - 00098304 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\EScript.DEU 2006-10-23 00:31 - 2006-10-23 00:31 - 00006656 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\EWH32.DEU 2006-10-23 00:31 - 2006-10-23 00:31 - 00013312 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\HLS.DEU 2006-10-23 00:31 - 2006-10-23 00:31 - 00061440 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\HTML2PDF.DEU 2006-10-23 00:31 - 2006-10-23 00:31 - 00102400 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\ImageConversion.DEU 2006-08-31 08:28 - 2006-08-31 08:28 - 00008704 ____R () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\InDesignPI.DEU 
2006-10-23 00:32 - 2006-10-23 00:32 - 00245760 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\JDFProdDef.DEU 2006-10-23 00:32 - 2006-10-23 00:32 - 00086016 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\MakeAccessible.DEU 2006-10-23 00:32 - 2006-10-23 00:32 - 00159744 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Multimedia.DEU 2006-10-23 00:32 - 2006-10-23 00:32 - 00045056 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\PaperCapture.DEU 2006-10-23 00:32 - 2006-10-23 00:32 - 00011264 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\PDDom.DEU 2006-10-23 00:32 - 2006-10-23 00:32 - 00013312 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\ReadOutLoud.DEU 2006-10-23 00:33 - 2006-10-23 00:33 - 00008192 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\reflow.DEU 2006-10-23 00:33 - 2006-10-23 00:33 - 00028672 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\SaveAsRTF.DEU 2006-10-23 00:33 - 2006-10-23 00:33 - 00019456 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\SaveAsXML.DEU 2006-10-23 00:33 - 2006-10-23 00:33 - 00098304 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Scan.DEU 2006-10-23 00:33 - 2006-10-23 00:33 - 00053248 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Search.DEU 2006-10-23 00:33 - 2006-10-23 00:33 - 00012288 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Search5.DEU 2006-10-23 00:33 - 2006-10-23 00:33 - 00026112 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\SendMail.DEU 2006-10-23 00:34 - 2006-10-23 00:34 - 00015360 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\TablePicker.DEU 2006-10-23 00:35 - 2006-10-23 00:35 - 00176128 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\TouchUp.DEU 2006-10-23 00:34 - 2006-10-23 00:34 - 00005120 ____N () C:\Program Files 
(x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Updater.DEU 2006-10-23 00:35 - 2006-10-23 00:35 - 00053248 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\weblink.DEU 2006-10-23 00:35 - 2006-10-23 00:35 - 00143360 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\WebPDF.DEU 2006-10-23 00:35 - 2006-10-23 00:35 - 00012288 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\XPS2PDF.DEU 2006-10-01 20:49 - 2006-10-01 20:49 - 00389120 ____N () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeXMP.dll 2006-02-20 12:44 - 2006-02-20 12:44 - 03514368 ___RC () C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\LIBMYSQLD.dll 2014-12-17 12:18 - 2014-12-17 12:18 - 00870912 ____C () C:\Program Files (x86)\Wunderlist\libglesv2.dll 2014-12-17 12:18 - 2014-12-17 12:18 - 00128512 ____C () C:\Program Files (x86)\Wunderlist\libegl.dll 2014-12-17 12:18 - 2014-12-17 12:18 - 00951296 ____C () C:\Program Files (x86)\Wunderlist\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat - Schnellstart.lnk => C:\Windows\pss\Adobe Acrobat - Schnellstart.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^geht dich nichts an^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupfolder: C:^Users^geht dich nichts an^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup MSCONFIG\startupreg: 015E326E56C484A7B79C54B8DDA85BB3212D265E._service_run => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: LTT => C:\Program Files\PC-Doctor\EnableToolbarW32.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-1025189115-1702591184-657064703-500 - Administrator - Disabled) ASPNET (S-1-5-21-1025189115-1702591184-657064703-1004 - Limited - Enabled) Gast (S-1-5-21-1025189115-1702591184-657064703-501 - Limited - Enabled) geht dich nichts an (S-1-5-21-1025189115-1702591184-657064703-1001 - Administrator - Enabled) => C:\Users\geht dich nichts an HomeGroupUser$ (S-1-5-21-1025189115-1702591184-657064703-1006 - Limited - Enabled) UpdatusUser (S-1-5-21-1025189115-1702591184-657064703-1000 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= Name: TCP/IP-Protokolltreiber Description: TCP/IP-Protokolltreiber Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: Tcpip Problem: : This device is 
not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: VBoxAsw Support Driver Description: VBoxAsw Support Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: VBoxAswDrv Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (02/02/2015 06:01:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4508 Error: (02/02/2015 06:01:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4508 Error: (02/02/2015 06:01:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/02/2015 06:01:23 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3182 Error: (02/02/2015 06:01:23 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3182 Error: (02/02/2015 06:01:23 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/02/2015 06:01:22 PM) (Source: 
Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2059 Error: (02/02/2015 06:01:22 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2059 Error: (02/02/2015 06:01:22 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/02/2015 06:01:21 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1014 System errors: ============= Error: (02/02/2015 05:47:49 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht. Error: (02/02/2015 02:12:38 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {74944725-B65F-4E37-8633-BD4DDE193921} Error: (02/02/2015 01:43:45 PM) (Source: DCOM) (EventID: 10000) (User: ) Description: C:\Program Files (x86)\Common Files\SmartStore Shared\AutoUpdate\1.0\SMAutoUpdate.exe -Embedding740{BDFEE667-B3E0-491F-8F46-F577DC54081D} Error: (02/02/2015 01:17:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (02/02/2015 01:15:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (02/02/2015 01:15:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: %%20 Error: (02/02/2015 01:14:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Mobile IP Route Manager" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (02/02/2015 01:14:58 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWow64\drivers\mdvrmng.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (02/02/2015 00:23:55 PM) (Source: DCOM) (EventID: 10000) (User: ) Description: C:\Program Files (x86)\Common Files\SmartStore Shared\AutoUpdate\1.0\SMAutoUpdate.exe -Embedding740{BDFEE667-B3E0-491F-8F46-F577DC54081D} Error: (02/02/2015 00:01:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Microsoft Office Sessions: ========================= Error: (02/02/2015 06:01:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4508 Error: (02/02/2015 06:01:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4508 Error: (02/02/2015 06:01:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/02/2015 06:01:23 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3182 Error: (02/02/2015 06:01:23 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3182 Error: (02/02/2015 06:01:23 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/02/2015 06:01:22 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2059 Error: (02/02/2015 06:01:22 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2059 Error: (02/02/2015 06:01:22 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/02/2015 06:01:21 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1014 CodeIntegrity Errors: =================================== Date: 2013-01-03 12:11:35.691 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-01-03 12:11:35.668 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-05-06 15:35:11.695 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-05-06 15:35:11.675 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-05-06 15:35:11.655 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-05-06 15:35:11.605 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-05-06 15:35:11.568 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2012-05-06 15:35:11.518 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-05-06 15:35:11.486 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-05-06 15:35:11.461 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz Percentage of memory in use: 90% Total physical RAM: 3979.23 MB Available physical RAM: 366.51 MB Total Pagefile: 7956.65 MB Available Pagefile: 3917.21 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (Windows7_OS) (Fixed) (Total:131.96 GB) (Free:3.09 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:5.37 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 149.1 GB) (Disk ID: 0C7E5F42) Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=132 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS) ==================== End Of Log ============================

GMER gives an error message, and I can't get any further with it.