Log analysis and evaluation: edealspop and n10.adshostnet.com/ads? are bothering me while browsing
Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
18.02.2015, 22:39 | #1 |
| edealspop and n10.adshostnet.com/ads? are bothering me while browsing Good evening, I have the following problem. As soon as I go to sites like Amazon, pop-ups from edealspop are opened. This even happens 3 times at once, so that I can barely see anything on my screen. Often another website is opened as well, namely this one: hxxp://n10.adshostnet.com/ads? Malwarebytes unfortunately does not help. Who can help me? Regards |
18.02.2015, 22:40 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | edealspop and n10.adshostnet.com/ads? are bothering me while browsing Hello and
Do you have any further logs (with detections)? Malwarebytes and/or other virus scanners, have they ever found anything? That is why I am asking => http://www.trojaner-board.de/125889-...tml#post941520 Please do not run any new virus scans; for now just post the logs you already have, in CODE tags! Only logs from the last 7 days, or from the time since the problem began, are relevant! In addition, please also create a log with Farbar's tool: Scan with Farbar's Recovery Scan Tool (FRST) Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Reading material: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs are too large for a single post, I ask you to post the logs directly and, if necessary, spread across several posts. To put the log files in a CODE box, proceed as follows:
__________________ |
18.02.2015, 22:44 | #3 |
| edealspop and n10.adshostnet.com/ads? are bothering me while browsing FRST.txt
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01 Ran by André (administrator) on ALIENWAREGAMING on 18-02-2015 22:42:01 Running from C:\Users\André\Downloads Loaded Profiles: UpdatusUser & André (Available profiles: UpdatusUser & André) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe (Cisco Systems, Inc.) 
C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe () C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe () C:\Program Files (x86)\RocketDock\RocketDock.exe (SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe () C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe (Alienware) C:\Program 
Files\Alienware\Command Center\AWCCServiceController.exe (AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe () C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe () C:\Program Files (x86)\Verbindungsassistent\WTGService.exe (AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.) 
C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe () C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe (Creative Technology Ltd) C:\Program Files (x86)\Integrated Webcam\Live! Central\WebcamInt.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\CTJckCfg.exe () C:\Users\André\AppData\Local\dashboardtxview64\dashboardtxview64.exe () C:\Users\André\AppData\Local\dashboardtxview64\firmwarekernelUI.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe () C:\Windows\SysWOW64\controlfirmwareGUI\controlfirmwareGUI.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe (Elex do Brasil 
Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe (Opera Software) C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe () C:\Program Files (x86)\Opera\27.0.1689.69_0\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe (Opera Software) C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe (Opera Software) C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe (Opera Software) C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe (Opera Software) C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe (Opera Software) C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe (Opera Software) C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe (Opera Software) C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe (Opera Software) C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd) HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.) HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.) 
HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Run: [DellSystemDetect] => C:\Users\André\AppData\Local\Apps\2.0\GXWZMQVO.D25\K32AX9EJ.T53\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe [283432 2015-02-16] (Dell) HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\MountPoints2: {2f3d62d8-af6c-11e2-a88e-2cd05a8455ec} - H:\Autorun.exe HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\MountPoints2: {57564bd3-fd62-11e3-b8e6-2cd05a8455ec} - I:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\MountPoints2: {57564be0-fd62-11e3-b8e6-2cd05a8455ec} - I:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\MountPoints2: {d4ed057a-b562-11e2-a55c-f01faf0a5eab} - G:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\MountPoints2: {d4ed05b4-b562-11e2-a55c-f01faf0a5eab} - G:\.\Autorun.exe AUTORUN=1 AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [214448 2013-06-21] (NVIDIA Corporation) AppInit_DLLs-x32: , c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [214448 2013-06-21] (NVIDIA Corporation) AppInit_DLLs-x32: , c:\progra~2\nvidia~1\nvstre~1\rxinput.dll => c:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\rxinput.dll [593696 2013-07-27] (NVIDIA Corporation) Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe () Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG) Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => No File GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION ProxyEnable: [S-1-5-21-829858747-3269657560-2013248277-1001] => Internet Explorer proxy is enabled. 
ProxyServer: [S-1-5-21-829858747-3269657560-2013248277-1001] => http=127.0.0.1:11221 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?PC=AV01 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-829858747-3269657560-2013248277-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE HKU\S-1-5-21-829858747-3269657560-2013248277-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=000328B0&OHP=www.google.com&OSP= HKU\S-1-5-21-829858747-3269657560-2013248277-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKU\S-1-5-21-829858747-3269657560-2013248277-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?PC=AV01 HKU\S-1-5-21-829858747-3269657560-2013248277-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?PC=AV01 SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: 
HKU\S-1-5-21-829858747-3269657560-2013248277-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-829858747-3269657560-2013248277-1001 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP1BC61AB6-8239-4498-93FC-3138718BE3AD&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-829858747-3269657560-2013248277-1001 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms} SearchScopes: HKU\S-1-5-21-829858747-3269657560-2013248277-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 BHO: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File BHO-x32: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File BHO-x32: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [174592] (Bigfoot Networks, Inc.) Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [174592] (Bigfoot Networks, Inc.) 
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [174592] (Bigfoot Networks, Inc.) Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [174592] (Bigfoot Networks, Inc.) Winsock: Catalog9 15 C:\Windows\SysWOW64\BfLLR.dll [174592] (Bigfoot Networks, Inc.) Winsock: Catalog9-x64 01 C:\Windows\system32\BfLLR.dll [189952] (Bigfoot Networks, Inc.) Winsock: Catalog9-x64 02 C:\Windows\system32\BfLLR.dll [189952] (Bigfoot Networks, Inc.) Winsock: Catalog9-x64 03 C:\Windows\system32\BfLLR.dll [189952] (Bigfoot Networks, Inc.) Winsock: Catalog9-x64 04 C:\Windows\system32\BfLLR.dll [189952] (Bigfoot Networks, Inc.) Winsock: Catalog9-x64 15 C:\Windows\system32\BfLLR.dll [189952] (Bigfoot Networks, Inc.) Hosts: Hosts file not detected in the default directory Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\wv60tni2.default-1424269440517 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll () FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll No File FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla 
Plugins\npitunes.dll No File FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll No File FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll No File FF Plugin-x32: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll No File FF Plugin-x32: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll No File FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL No File FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll No File FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File FF Plugin HKU\S-1-5-21-829858747-3269657560-2013248277-1001: @phonostar.de/radio ffn Rekorder -> C:\Program Files (x86)\radio ffn Rekorder\npphonostarDetectNP.dll No File FF Plugin 
HKU\S-1-5-21-829858747-3269657560-2013248277-1001: @protectdisc.com/NPMPDRM -> C:\Users\André\AppData\Local\mpDRM\Binaries\NPMPDRM.dll No File FF Plugin HKU\S-1-5-21-829858747-3269657560-2013248277-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin HKU\S-1-5-21-829858747-3269657560-2013248277-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Profile: C:\Users\André\AppData\Local\Google\Chrome\User Data\default ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 4188b5b6; c:\Program Files (x86)\DealDragon\HotDealsa.dll [4246528 2014-11-22] () [File not signed] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.) 
R2 controlfirmwareGUI; C:\Windows\SysWOW64\controlfirmwareGUI\controlfirmwareGUI.exe [83456 2015-01-19] () [File not signed] S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-04-23] (Creative Labs) [File not signed] S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-04-23] (Creative Labs) [File not signed] R2 CTAudSvcService; c:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-20] (Creative Technology Ltd) [File not signed] R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [122880 2012-03-28] (Creative Technology Ltd) R2 dashboardtxview64.exe; C:\Users\André\AppData\Local\dashboardtxview64\dashboardtxview64.exe [211968 2015-02-09] () [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed] R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [99936 2006-11-10] () R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [120128 2015-01-19] (Elex do Brasil Participações Ltda) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-01] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation) R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed] R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation) R2 
NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2015-01-20] (Electronic Arts) R2 Qualcomm Atheros Killer Service; C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [492032 2012-02-15] () [File not signed] S2 serveras; C:\Users\André\AppData\Roaming\ASPackage\ASSrv.exe [100352 2015-02-04] () [File not signed] R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2604856 2014-11-24] (AVG Technologies) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WTGService; C:\Program Files (x86)\Verbindungsassistent\WTGService.exe [330696 2010-11-18] () ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 Ak27x64; C:\Windows\System32\DRIVERS\Ak27x64.sys [2740328 2012-02-15] (Bigfoot Networks, Inc.) R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [135720 2012-02-23] (Broadcom Corporation.) R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [75880 2012-02-15] (Bigfoot Networks, Inc.) R3 cthda; C:\Windows\System32\drivers\cthda.sys [1052760 2012-03-28] (Creative Technology Ltd) R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] () R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation) R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation) S2 DLPortIO; C:\Windows\SysWow64\Drivers\DLPortIO.sys [3584 1999-01-10] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-27] (DT Soft Ltd) S3 HDJCtrl; C:\Windows\System32\Drivers\HDJCtrl.sys [38704 2013-05-21] (© Guillemot R&D, 2012. All rights reserved.) 
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [274736 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.) S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [121600 2013-05-11] (Huawei Technologies Co., Ltd.) R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28216 2012-11-20] (Intel Corporation) R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [249000 2015-01-19] (Elex do Brasil Participações Ltda) S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [45224 2015-01-19] (Elex do Brasil Participações Ltda) R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [99496 2015-01-19] (Elex do Brasil Participações Ltda) R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [42152 2015-01-19] (Elex do Brasil Participações Ltda) R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [93352 2015-01-19] (Elex do Brasil Participações Ltda) R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-01-03] (Elex do Brasil Participações Ltda) R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-18] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation) R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-06-21] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation) S3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [67184 2012-01-03] (STMicroelectronics) S3 taphss6; 
C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.) S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-11-24] (TuneUp Software) U5 ewusbnet; C:\Windows\SysWOW64\Drivers\ewusbnet.sys [256000 2013-05-11] (Huawei Technologies Co., Ltd.) U5 ew_hwusbdev; C:\Windows\SysWOW64\Drivers\ew_hwusbdev.sys [117248 2013-05-11] (Huawei Technologies Co., Ltd.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-18 22:42 - 2015-02-18 22:42 - 00028784 _____ () C:\Users\André\Downloads\FRST.txt 2015-02-18 22:41 - 2015-02-18 22:42 - 00000000 ____D () C:\FRST 2015-02-18 22:41 - 2015-02-18 22:41 - 02086912 _____ (Farbar) C:\Users\André\Downloads\FRST64.exe 2015-02-18 22:03 - 2015-02-18 22:03 - 00003856 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1424293363 2015-02-18 22:02 - 2015-02-18 22:02 - 00001137 _____ () C:\Users\Public\Desktop\Opera 27.lnk 2015-02-18 22:02 - 2015-02-18 22:02 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 27.lnk 2015-02-18 21:34 - 2015-02-18 21:35 - 00713120 _____ (Opera Software) C:\Users\André\Desktop\Opera_NI_stable.exe 2015-02-18 16:37 - 2015-02-18 16:37 - 00001904 _____ () C:\Users\Public\Desktop\YAC.lnk 2015-02-18 16:37 - 2015-02-18 16:37 - 00000000 ____D () C:\Windows\system32\log 2015-02-18 16:37 - 2015-02-18 16:37 - 00000000 ____D () C:\Users\André\AppData\Roaming\Elex-tech 2015-02-18 16:37 - 2015-02-18 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC 
2015-02-18 16:37 - 2015-02-18 16:37 - 00000000 ____D () C:\Program Files (x86)\Elex-tech
2015-02-18 16:37 - 2015-01-19 12:04 - 00045224 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2015-02-18 16:37 - 2015-01-03 09:57 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2015-02-18 16:35 - 2015-02-18 16:35 - 01167400 _____ (Elex do Brasil Participações Ltda) C:\Users\André\Downloads\yet_another_cleaner_sk_6328909.exe
2015-02-18 16:35 - 2015-02-18 16:35 - 00000000 ____D () C:\Users\André\AppData\Roaming\eCyber
2015-02-18 15:26 - 2015-02-18 16:16 - 00000000 ____D () C:\Users\André\Desktop\rkill
2015-02-18 15:26 - 2015-02-18 15:26 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\André\Downloads\rkill.exe
2015-02-18 14:55 - 2015-02-18 14:55 - 02953520 _____ (AVAST Software) C:\Users\André\Downloads\avast-browser-cleanup_9.0.0.224.exe
2015-02-18 14:55 - 2015-02-18 14:55 - 01388274 _____ (Thisisu) C:\Users\André\Downloads\JRT42.exe
2015-02-18 14:54 - 2015-02-18 14:54 - 02112512 _____ () C:\Users\André\Downloads\adwcleaner_4.110 (1).exe
2015-02-18 14:53 - 2015-02-18 14:54 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\André\Downloads\mbam-setup-2.0.4.1028 (1).exe
2015-02-18 10:07 - 2015-02-18 10:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2015-02-17 10:20 - 2015-02-18 16:55 - 00003858 _____ () C:\Windows\System32\Tasks\SSBkgdUpdate
2015-02-17 10:07 - 2015-02-17 10:07 - 00000000 ____D () C:\Users\André\AppData\Local\Scansoft
2015-02-16 11:43 - 2015-02-16 11:43 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-02-16 11:42 - 2015-02-16 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP140 series Benutzerregistrierung
2015-02-16 11:37 - 2015-02-16 11:37 - 00000424 _____ () C:\Windows\MAXLINK.INI
2015-02-16 11:37 - 2015-02-16 11:37 - 00000000 ____D () C:\Users\André\AppData\Roaming\ScanSoft
2015-02-16 11:37 - 2015-02-16 11:37 - 00000000 ____D () C:\ProgramData\ScanSoft
2015-02-16 11:37 - 2015-02-16 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft OmniPage SE 4
2015-02-16 11:37 - 2015-02-16 11:37 - 00000000 ____D () C:\ProgramData\InstallShield
2015-02-16 11:37 - 2015-02-16 11:37 - 00000000 ____D () C:\Program Files (x86)\ScanSoft
2015-02-16 11:33 - 2015-02-16 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-02-16 11:33 - 2015-02-16 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP140 series Manual
2015-02-16 11:33 - 2015-02-16 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Notes for Windows Vista
2015-02-16 11:28 - 2015-02-16 11:28 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2015-02-16 11:28 - 2015-02-16 11:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP140 series
2015-02-16 11:28 - 2006-12-25 21:00 - 00236544 _____ (CANON INC.) C:\Windows\system32\CNMLM8R.DLL
2015-02-16 11:27 - 2015-02-16 11:27 - 00000000 ___HD () C:\Program Files\CanonBJ
2015-02-16 11:27 - 2006-11-10 03:03 - 01337344 _____ (CANON INC.) C:\Windows\system32\CNCC140.DLL
2015-02-16 11:27 - 2006-11-10 03:02 - 00049664 _____ (CANON INC.) C:\Windows\system32\CNCI140.DLL
2015-02-16 11:27 - 2006-06-29 06:30 - 00017408 _____ (Canon Inc.) C:\Windows\system32\cnco140.dll
2015-02-16 11:27 - 2006-05-26 08:23 - 00090624 _____ (Canon Inc.) C:\Windows\system32\CNCL140.DLL
2015-02-16 11:14 - 2015-02-16 11:14 - 00734473 _____ () C:\Users\André\Downloads\CoreTemp_106.zip
2015-02-16 11:14 - 2015-02-16 11:14 - 00734473 _____ () C:\Users\André\Downloads\CoreTemp_106 (1).zip
2015-02-15 21:13 - 2015-02-15 21:13 - 00007618 _____ () C:\Users\André\AppData\Local\Resmon.ResmonCfg
2015-02-15 20:26 - 2015-02-15 20:26 - 00000000 ____D () C:\Program Files\Dell
2015-02-15 14:06 - 2015-02-15 14:06 - 00003198 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask-Delay
2015-02-13 09:39 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-13 09:39 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-13 09:39 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-13 09:39 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 21:34 - 2015-02-12 21:34 - 00000000 ____D () C:\ProgramData\Grisoft
2015-02-12 21:32 - 2015-02-12 21:33 - 12413440 _____ () C:\Users\André\Downloads\avgas-setup-7.5.1.43.exe
2015-02-12 21:29 - 2015-02-12 21:29 - 00000000 ____D () C:\Users\André\Downloads\backups
2015-02-12 21:28 - 2015-02-12 21:28 - 00388608 _____ (Trend Micro Inc.) C:\Users\André\Downloads\HijackThis.exe
2015-02-12 19:38 - 2015-02-12 19:38 - 02112512 _____ () C:\Users\André\Downloads\adwcleaner_4.110.exe
2015-02-11 13:33 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 13:33 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 13:33 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 13:33 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 13:33 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 13:33 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 13:33 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 13:33 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 13:33 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 13:33 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 13:33 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 13:33 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 13:33 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 13:33 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 13:33 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 13:33 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 13:33 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 13:33 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 13:33 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 13:33 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 13:33 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 13:33 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 13:33 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 13:33 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 13:33 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 13:33 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 13:33 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 13:33 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 13:33 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 13:33 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 13:33 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 13:33 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 13:33 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 13:33 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 13:33 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 13:33 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 13:33 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 13:33 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 13:33 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 13:33 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 13:33 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 13:33 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 13:33 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 13:33 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 13:33 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 13:33 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 13:33 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 13:33 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 13:33 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 13:33 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 13:33 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 13:33 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 13:33 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 13:33 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 13:33 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 13:33 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 13:33 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 13:33 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 13:33 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 13:33 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 13:33 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 13:33 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 13:33 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 13:33 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 13:33 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 13:33 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 13:33 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 13:33 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 13:33 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 13:33 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 13:33 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 13:33 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 13:33 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 13:32 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 13:32 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 13:32 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 13:32 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 13:32 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 13:32 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 13:32 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 13:32 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 13:32 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 13:32 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 13:32 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 13:32 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 13:32 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 13:32 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 13:32 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 13:32 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 13:32 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 13:32 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 13:32 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 13:32 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 13:32 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 13:32 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 13:32 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 13:32 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 13:31 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 13:31 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 13:31 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 13:29 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 13:29 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 13:26 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 13:26 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 13:26 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 13:26 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 13:26 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 13:26 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 13:26 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 13:26 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 12:55 - 2015-02-11 12:57 - 16838408 _____ (Tracker Software Products Ltd ) C:\Users\André\Downloads\PDFXVwer_2.5.312.1.exe
2015-02-11 12:07 - 2015-02-11 12:07 - 01128916 _____ (www.hellopdf.com ) C:\Users\André\Downloads\nw_33261_pdfwordsetupexe.exe
2015-02-11 11:30 - 2015-02-11 11:30 - 00000000 ____D () C:\Program Files (x86)\goodChoice
2015-02-11 11:30 - 2015-02-11 11:30 - 00000000 ____D () C:\Program Files (x86)\Color My SNS
2015-02-10 18:06 - 2015-02-10 18:06 - 00709564 _____ () C:\Users\André\Downloads\delfix_10.8.exe
2015-02-10 18:04 - 2015-02-10 18:05 - 01212872 _____ (Zugara Investments Limited ) C:\Users\André\Downloads\adwcleanerexe.exe
2015-02-10 14:54 - 2015-02-10 14:54 - 00621624 _____ () C:\Users\André\Downloads\SUPERAntiSpyware_CB-DL-Manager.exe
2015-02-09 21:41 - 2015-02-09 21:41 - 00000000 _____ () C:\autoexec.bat
2015-02-09 17:13 - 2015-02-10 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-09 17:13 - 2015-02-09 17:13 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-02-09 17:12 - 2015-02-10 14:42 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-09 17:02 - 2015-02-09 17:04 - 02418464 _____ (Piriform Ltd) C:\Users\André\Downloads\ccsetup502.exe.opdownload
2015-02-09 15:23 - 2015-02-10 14:42 - 00000000 ____D () C:\Users\Public\Documents\Stronghold AntiMalware
2015-02-09 14:18 - 2015-02-09 15:08 - 00000000 ____D () C:\Windows\erdnt
2015-02-09 14:06 - 2015-02-18 16:12 - 00000000 ____D () C:\AdwCleaner
2015-02-09 11:51 - 2015-02-09 11:51 - 06220854 _____ () C:\Users\André\Desktop\Neue Bitmap.bmp
2015-02-09 11:25 - 2015-02-10 14:43 - 00000000 ____D () C:\Users\André\AppData\Local\dashboardtxview64
2015-02-09 11:25 - 2015-02-09 11:25 - 00005012 _____ () C:\Windows\wauctla.InstallState
2015-02-09 11:25 - 2015-02-09 11:25 - 00000529 _____ () C:\Windows\wauctla.InstallLog
2015-02-08 15:09 - 2015-02-08 15:11 - 00000000 ____D () C:\Users\André\AppData\Roaming\FreeAudioEditor
2015-02-08 15:07 - 2015-02-08 15:08 - 03529672 _____ (DVDVideoSoft Ltd. ) C:\Users\André\Downloads\FreeAudioEditor.exe
2015-02-08 15:05 - 2015-02-10 14:43 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-02-08 15:00 - 2015-02-08 15:01 - 34792128 _____ (DVDVideoSoft Ltd. ) C:\Users\André\Downloads\FreeYouTubeToMP354Converter.exe
2015-02-08 11:44 - 2015-02-10 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nival
2015-02-08 11:44 - 2015-02-08 11:44 - 00000745 _____ () C:\Users\Public\Desktop\Prime World.lnk
2015-02-08 11:39 - 2015-02-08 11:39 - 15938760 _____ (Nival ) C:\Users\André\Downloads\PWSetup.exe
2015-02-04 15:27 - 2015-02-04 15:27 - 00000000 __SHD () C:\Users\André\AppData\Local\EmieBrowserModeList
2015-02-04 15:22 - 2015-02-04 15:22 - 00000000 ____D () C:\Users\André\AppData\Roaming\sparta123
2015-02-04 14:47 - 2015-02-04 14:55 - 00000000 ____D () C:\Users\André\AppData\Roaming\ASPackage
2015-02-04 14:45 - 2015-02-04 14:45 - 00000000 ____D () C:\Windows\SysWOW64\controlfirmwareGUI
2015-02-04 12:52 - 2015-02-04 12:52 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2015-02-04 11:05 - 2015-02-04 11:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-04 11:05 - 2015-02-04 11:05 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-04 11:05 - 2015-02-04 11:05 - 00000000 ____D () C:\Program Files\iTunes
2015-02-04 11:05 - 2015-02-04 11:05 - 00000000 ____D () C:\Program Files\iPod
2015-02-04 11:05 - 2015-02-04 11:05 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-04 10:59 - 2015-02-04 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-02-03 23:29 - 2015-02-03 23:29 - 00002227 _____ () C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
2015-02-03 23:29 - 2015-02-03 23:29 - 00002215 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2015-02-03 23:29 - 2015-02-03 23:29 - 00002203 _____ () C:\Users\Public\Desktop\AVG PC TuneUp 2015.lnk
2015-02-03 23:29 - 2015-02-03 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015
2015-02-03 23:29 - 2014-11-24 12:48 - 00040248 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2015-02-03 23:29 - 2014-11-24 12:48 - 00029496 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2015-02-03 23:29 - 2014-11-24 12:48 - 00025400 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2015-02-02 12:42 - 2015-02-02 12:42 - 00000559 _____ () C:\Users\André\Downloads\qr_code.zip
2015-01-30 23:36 - 2015-01-30 23:36 - 00023760 _____ (Dell Computer Corporation) C:\Windows\system32\Drivers\DDDriver64Dcsa.sys
2015-01-30 23:36 - 2015-01-30 23:36 - 00023312 _____ (Dell Computer Corporation) C:\Windows\system32\Drivers\DellProf.sys
2015-01-30 10:23 - 2015-01-30 10:23 - 00296196 _____ () C:\Users\André\Downloads\Schraubenset für Apple iPhone 4
2015-01-23 11:30 - 2015-01-23 11:30 - 06381120 _____ (Tim Kosse) C:\Users\André\Downloads\FileZilla_3.10.0.2_win32-setup.exe
2015-01-20 23:07 - 2015-01-20 23:07 - 00152013 _____ () C:\Users\André\Desktop\html5blank-stable.zip
2015-01-20 23:05 - 2015-01-20 23:05 - 00128675 _____ () C:\Users\André\Downloads\html2wp.1.3.5.zip
2015-01-20 22:11 - 2015-02-10 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theme Hospital
2015-01-20 22:11 - 2015-01-20 22:11 - 00001523 _____ () C:\Users\Public\Desktop\Theme Hospital.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-18 22:37 - 2014-06-26 18:43 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-18 22:22 - 2013-04-27 21:25 - 00000000 ____D () C:\Users\André\AppData\Roaming\Skype
2015-02-18 22:03 - 2013-04-27 20:01 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-18 21:44 - 2013-04-23 04:25 - 01762696 _____ () C:\Windows\WindowsUpdate.log
2015-02-18 21:43 - 2013-04-23 11:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-18 17:00 - 2013-04-28 13:42 - 00000000 ____D () C:\Users\André\AppData\Roaming\vlc
2015-02-18 16:44 - 2014-01-05 20:24 - 00000000 ____D () C:\Windows\WindowsMobile
2015-02-18 16:44 - 2013-06-20 17:21 - 00000000 ____D () C:\Users\André\Documents\VirtualDJ
2015-02-18 16:23 - 2009-07-14 05:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-18 16:23 - 2009-07-14 05:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-18 16:14 - 2013-04-23 12:00 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2015-02-18 16:14 - 2013-04-23 12:00 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2015-02-18 16:14 - 2013-04-23 11:55 - 00000000 ____D () C:\Program Files (x86)\AlienRespawn
2015-02-18 16:14 - 2013-04-23 11:45 - 00000000 ____D () C:\ProgramData\Bigfoot Networks
2015-02-18 16:13 - 2013-04-23 11:55 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-18 16:13 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-18 14:55 - 2014-12-02 19:18 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-18 14:55 - 2014-06-26 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-02-18 14:55 - 2014-06-26 18:35 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-02-18 14:24 - 2013-06-17 21:38 - 00000000 ____D () C:\Users\André\Desktop\dj
2015-02-18 13:18 - 2013-06-03 19:12 - 00003504 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-02-18 11:40 - 2014-11-29 11:02 - 00000000 ____D () C:\Users\André\Desktop\fun
2015-02-18 10:07 - 2013-04-27 22:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-18 10:06 - 2013-04-27 21:58 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-17 22:13 - 2014-03-15 11:57 - 00000000 ____D () C:\Users\André\AppData\Roaming\UseNeXT
2015-02-17 22:12 - 2014-03-17 22:22 - 00000000 ____D () C:\Users\André\Documents\UseNeXT
2015-02-17 10:04 - 2013-05-13 20:51 - 00000000 ____D () C:\Windows\1CE60928832549A88B06633E48DD2B67.TMP
2015-02-16 12:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-16 11:45 - 2013-04-28 15:47 - 00000000 ____D () C:\Users\André\Desktop\Eigenschaften
2015-02-16 11:43 - 2014-08-13 11:07 - 00000000 ____D () C:\Users\André\AppData\Roaming\Canon
2015-02-16 11:43 - 2014-08-13 11:00 - 00000000 ____D () C:\Program Files (x86)\Canon
2015-02-16 10:53 - 2014-03-26 15:32 - 00000000 ____D () C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2015-02-16 10:53 - 2014-03-26 15:31 - 00000000 ____D () C:\Users\André\AppData\Local\Deployment
2015-02-16 10:52 - 2014-03-26 15:31 - 00417064 _____ () C:\Users\André\Downloads\DellSystemDetect.exe
2015-02-15 12:52 - 2010-11-21 07:50 - 00700794 _____ () C:\Windows\system32\perfh007.dat
2015-02-15 12:52 - 2010-11-21 07:50 - 00150400 _____ () C:\Windows\system32\perfc007.dat
2015-02-15 12:52 - 2009-07-14 06:13 - 01624426 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-12 19:42 - 2013-04-27 21:06 - 00001063 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-12 19:42 - 2013-04-27 21:06 - 00001051 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-12 19:42 - 2013-04-27 20:01 - 00000977 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-02-12 19:42 - 2013-04-27 20:01 - 00000965 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-02-12 19:42 - 2013-04-26 10:10 - 00000997 _____ () C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-12 18:38 - 2014-06-15 21:37 - 00597344 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 18:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA
2015-02-12 18:36 - 2014-12-16 17:58 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 18:36 - 2014-05-08 11:26 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 17:00 - 2013-12-06 20:10 - 00001104 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-02-12 16:43 - 2013-06-12 12:44 - 17295024 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-02-12 16:43 - 2013-04-23 11:29 - 00767152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-12 16:43 - 2013-04-23 11:29 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-12 16:43 - 2013-04-23 11:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-12 10:54 - 2013-06-15 16:57 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-12 10:45 - 2009-07-14 03:34 - 00000609 _____ () C:\Windows\win.ini
2015-02-12 10:44 - 2013-06-03 19:06 - 00002155 _____ () C:\Windows\epplauncher.mif
2015-02-12 10:44 - 2013-06-03 19:05 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-12 10:44 - 2013-06-03 19:05 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-12 10:44 - 2013-06-03 19:05 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-12 10:35 - 2013-09-25 15:24 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 10:25 - 2013-09-25 15:24 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 13:43 - 2013-06-03 19:12 - 00004064 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-02-11 13:43 - 2013-06-03 19:12 - 00003242 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-02-11 13:42 - 2013-04-23 12:00 - 00000000 ____D () C:\Program Files\AlienAutopsy
2015-02-11 13:42 - 2013-04-23 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alienware
2015-02-11 13:42 - 2013-04-23 11:48 - 00000000 ____D () C:\Program Files\Alienware
2015-02-10 23:04 - 2014-01-25 23:15 - 00000000 ____D () C:\Users\André\Desktop\Schule
2015-02-10 22:59 - 2013-08-13 21:16 - 00000000 ____D () C:\Users\André\Desktop\HVH
2015-02-10 22:56 - 2014-09-18 21:43 - 00000000 ____D () C:\Users\André\Desktop\HTML
2015-02-10 22:55 - 2013-04-28 14:01 - 00000000 ____D () C:\Users\André\Desktop\Ipod
2015-02-10 17:18 - 2014-01-17 13:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sport-DJ
2015-02-10 14:49 - 2013-04-26 10:07 - 00000000 ____D () C:\Users\André
2015-02-10 14:43 - 2015-01-06 13:02 - 00000000 ____D () C:\Windows\system32\AGEIA
2015-02-10 14:43 - 2015-01-06 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AGEIA
2015-02-10 14:43 - 2015-01-06 13:01 - 00000000 ____D () C:\Windows\SysWOW64\AGEIA
2015-02-10 14:43 - 2015-01-06 13:01 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-02-10 14:43 - 2014-12-27 17:39 - 00000000 ____D () C:\Users\André\AppData\Local\PokerStars.EU
2015-02-10 14:43 - 2014-12-27 17:35 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2015-02-10 14:43 - 2014-03-10 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dynamics
2015-02-10 14:43 - 2014-03-10 22:34 - 00000000 ____D () C:\Program Files (x86)\Dynamics
2015-02-10 14:43 - 2014-02-17 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-10 14:43 - 2014-01-17 13:53 - 00000000 ____D () C:\Program Files\Sport_DJ
2015-02-10 14:43 - 2014-01-16 20:51 - 00000000 ____D () C:\Program Files (x86)\Preh
2015-02-10 14:43 - 2013-09-15 20:33 - 00000000 ____D () C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2015-02-10 14:43 - 2013-09-15 20:33 - 00000000 ____D () C:\Users\André\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2015-02-10 14:43 - 2013-09-05 17:09 - 00000000 ____D () C:\ProgramData\PMB Files
2015-02-10 14:43 - 2013-06-21 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-02-10 14:43 - 2013-06-21 21:32 - 00000000 ____D () C:\Users\André\AppData\Roaming\DVDVideoSoft
2015-02-10 14:43 - 2013-06-21 21:32 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-02-10 14:43 - 2013-06-20 13:54 - 00000000 ____D () C:\ProgramData\Netzmanager
2015-02-10 14:43 - 2013-05-11 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verbindungsassistent
2015-02-10 14:43 - 2013-05-11 19:50 - 00000000 ____D () C:\Program Files (x86)\Verbindungsassistent
2015-02-10 14:43 - 2013-04-27 22:01 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-02-10 14:43 - 2013-04-23 11:44 - 00000000 ____D () C:\Program Files (x86)\ST Microelectronics
2015-02-10 14:43 - 2013-04-23 11:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-10 14:43 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-10 14:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2015-02-10 14:42 - 2013-04-27 22:56 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2015-02-10 14:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-02-10 14:41 - 2013-08-26 19:00 - 00000000 ____D () C:\Users\André\AppData\Roaming\TeamViewer
2015-02-10 14:41 - 2013-04-27 21:50 - 00000000 ____D () C:\Users\André\AppData\Roaming\DAEMON Tools Lite
2015-02-10 14:39 - 2013-09-05 17:09 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2015-02-10 14:39 - 2013-04-28 11:05 - 00000000 ____D () C:\Games
2015-02-10 14:39 - 2013-04-27 21:58 - 00000000 __RHD () C:\MSOCache
2015-02-09 17:20 - 2013-08-15 10:55 - 00000000 ____D () C:\Users\André\AppData\Roaming\FileZilla
2015-02-09 14:55 - 2013-08-12 20:22 - 00000000 ____D () C:\Users\Andr�
2015-02-09 14:41 - 2009-07-14 03:34 - 88604672 _____ () C:\Windows\system32\config\SOFTWARE.bak
2015-02-09 14:41 - 2009-07-14 03:34 - 24641536 _____ () C:\Windows\system32\config\SYSTEM.bak
2015-02-09 14:41 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2015-02-09 14:41 - 2009-07-14 03:34 - 00061440 _____ () C:\Windows\system32\config\SAM.bak
2015-02-09 14:41 - 2009-07-14 03:34 - 00024576 _____ () C:\Windows\system32\config\SECURITY.bak
2015-02-09 13:13 - 2013-05-28 00:11 - 00000000 ____D () C:\Windows\de
2015-02-04 14:27 - 2014-03-10 22:36 - 00000000 ____D () C:\Users\André\Desktop\Laser
2015-02-04 11:05 - 2013-04-27 21:03 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-28 11:51 - 2013-08-15 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-01-28 11:51 - 2013-08-15 10:55 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2015-01-27 11:59 - 2013-05-15 06:47 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-23 11:30 - 2014-11-30 15:30 - 00000000 ____D () C:\Users\André\Desktop\Neuer Ordner
2015-01-20 22:10 - 2013-05-15 06:49 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2015-01-20 22:09 - 2013-05-15 06:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-01-19 15:59 - 2013-04-23 11:57 - 00000000 ____D () C:\Program Files (x86)\Steam

==================== Files in the root of some directories =======

2013-12-02 23:26 - 2013-12-02 23:26 - 0010020 _____ () C:\Users\André\AppData\Local\CleanupUninstall.txt
2014-07-04 15:47 - 2014-07-04 15:47 - 0003584 _____ () C:\Users\André\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-11 10:33 - 2014-07-11 10:33 - 2359296 _____ (laboratorio) C:\Users\André\AppData\Local\hrbug.exe
2014-12-03 10:51 - 2014-12-03 10:51 - 0002102 _____ () C:\Users\André\AppData\Local\recently-used.xbel
2015-02-15 21:13 - 2015-02-15 21:13 - 0007618 _____ () C:\Users\André\AppData\Local\Resmon.ResmonCfg
2014-07-11 15:06 - 2014-07-11 15:06 - 2056192 _____ (atracan) C:\Users\André\AppData\Local\wngofv.exe
2014-09-14 19:28 - 2014-09-14 19:28 - 0000057 _____ () C:\ProgramData\Ament.ini

Some content of TEMP:
====================
C:\Users\André\AppData\Local\Temp\5CE7C5FD-F8FF-B361-810D-C236A69389D1.exe
C:\Users\André\AppData\Local\Temp\68E1EC45-9CD3-2699-407A-61F1BCFF66D1.dll
C:\Users\André\AppData\Local\Temp\68E1EC45-9CD3-2699-407A-61F1BCFF66D1.exe
C:\Users\André\AppData\Local\Temp\dck_cleaner.exe
C:\Users\André\AppData\Local\Temp\drm_dialogs.dll
C:\Users\André\AppData\Local\Temp\drm_dyndata_7330017.dll
C:\Users\André\AppData\Local\Temp\FreeAudioEditor.exe
C:\Users\André\AppData\Local\Temp\GPUpd543274551.exe
C:\Users\André\AppData\Local\Temp\GPUpd543519892.exe
C:\Users\André\AppData\Local\Temp\GPUpd5437E9A52.exe
C:\Users\André\AppData\Local\Temp\GPUpd544112241.exe
C:\Users\André\AppData\Local\Temp\GPUpd544233D51.exe
C:\Users\André\AppData\Local\Temp\GPUpd5443B8821.exe
C:\Users\André\AppData\Local\Temp\GPUpd5444ED5B1.exe
C:\Users\André\AppData\Local\Temp\i4jdel0.exe
C:\Users\André\AppData\Local\Temp\Installer.exe
C:\Users\André\AppData\Local\Temp\optprosetup.exe
C:\Users\André\AppData\Local\Temp\Quarantine.exe
C:\Users\André\AppData\Local\Temp\readSTILog.dll
C:\Users\André\AppData\Local\Temp\SkypeSetup.exe
C:\Users\André\AppData\Local\Temp\sqlite3.dll
C:\Users\André\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\André\AppData\Local\Temp\System.Data.SQLite53b21be1-ef93-4a1c-a19e-6d93eb525ad5.dll
C:\Users\André\AppData\Local\Temp\thirdPartyUninstall.exe
C:\Users\André\AppData\Local\Temp\twtgd00u.51z.exe
C:\Users\André\AppData\Local\Temp\uninst1.exe
C:\Users\André\AppData\Local\Temp\vsdel.exe
C:\Users\André\AppData\Local\Temp\_unps.exe

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-13 01:01

==================== End Of Log ============================

Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01
Ran by André at 2015-02-18 22:42:31
Running from C:\Users\André\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.99 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
AGEIA PhysX v7.03.21 (HKLM-x32\...\{85EBB283-65AF-4C53-9EBE-7C0A232762F7}) (Version:
7.03.21 - AGEIA Technologies, Inc.) AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Alienware) AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Alienware) Alienware Command Center (HKLM-x32\...\InstallShield_{FD1AE10F-163C-4D4B-9FCE-AC667AF1DC6E}) (Version: 2.8.8.0 - Alienware Corp.) Alienware Command Center (Version: 2.8.8.0 - Alienware Corp.) Hidden Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.32.0.2C - ) Alienware On-Screen Display (x32 Version: 0.32.0.2C - ) Hidden Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Artisteer 4 (HKLM-x32\...\Artisteer 4) (Version: 4.1 - Extensoft) AutoBinarySEA (HKLM-x32\...\{78A20C59-1EE7-42EA-B9D7-A764FB341150}) (Version: 2.2.5170.26769 - AutoBinarySEA DE) AVG PC TuneUp 2015 (de-DE) (x32 Version: 15.0.1001.238 - AVG Technologies) Hidden AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.238 - AVG Technologies) AVG PC TuneUp 2015 (x32 Version: 15.0.1001.238 - AVG Technologies) Hidden Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Bitcoin (HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Bitcoin) (Version: 0.8.6 - Bitcoin project) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision) Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden Canon MP Navigator 3.1 (HKLM-x32\...\MP Navigator 3.1) (Version: - ) Canon MP140 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series) (Version: - ) Canon MP140 series Benutzerregistrierung (HKLM-x32\...\Canon MP140 series Benutzerregistrierung) (Version: - ) Canon Utilities Easy-LayoutPrint (HKLM-x32\...\Easy-LayoutPrint) (Version: - ) Canon Utilities Easy-PhotoPrint (HKLM-x32\...\Easy-PhotoPrint) (Version: - ) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4255 - CDBurnerXP) Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.52 - Dell) Dell System Detect - 1 (HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\73f463568823ebbe) (Version: 5.14.0.9 - Dell) Dell System Detect (HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\9204f5692a8faf3b) (Version: 5.6.0.4 - Dell) DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) Die Siedler - Aufbruch der Kulturen (HKLM-x32\...\SADK) (Version: - ) DJ Intro version 1.1.2 (HKLM-x32\...\{36625871-9D4B-4046-A837-677974F51CAC}_is1) (Version: 1.1.2 - Serato Audio Research) DJI driver version 2.02 (HKLM-x32\...\{EDFDE5EE-84C7-4936-804C-6563943E5754}_is1) (Version: 2.02 - DJI) DJI iOSD Assistant version 4.0 (HKLM-x32\...\{8CA48822-4CC7-40FE-9F4E-1BDC314F58F3}_is1) (Version: 4.0 - DJI) DJI WookongM Assistant version 2.04 (HKLM-x32\...\{FAA9FD58-F448-44C9-A850-CE9744A465A3}_is1) (Version: 2.04 
- DJI) Dota 2 Test (HKLM-x32\...\Steam App 205790) (Version: - ) DYNAMICS Demoversion, Version: 30.4.2013 (HKLM-x32\...\DYNAMICS_is1) (Version: - ) Empire Earth III (HKLM-x32\...\{B17E235C-7A3B-4482-B650-21FFDE1D452E}) (Version: 1.00.0000 - Sierra Entertainment) EMSC (x32 Version: 0.0.0.22C - Compal Electronics, Inc.) Hidden Euro Truck Simulator 1.3 (HKLM-x32\...\Euro Truck Simulator) (Version: 1.3 - SCS Software) Event Music Machine 1.1.6 (HKLM-x32\...\Event Music Machine) (Version: 1.1.6 - Christoph Krämer) EventSoundControl (HKLM-x32\...\9B96C7FA-95B6-40BD-859A-46C15A64EBDB) (Version: 2.1.32 - clearsounds.de - Medienagentur) FileZilla Client 3.10.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.0.2 - Tim Kosse) Firstload (HKLM-x32\...\Firstload) (Version: - Lumaris.net) Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Free Audio Editor version 1.0.8.128 (HKLM-x32\...\Free Audio Editor_is1) (Version: 1.0.8.128 - DVDVideoSoft Ltd.) Free Video Flip and Rotate version 2.1.9.827 (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 2.1.9.827 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.) 
Gameforge Live 1.6.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.6.0 - Gameforge) GeoGebra 4.2 (HKLM-x32\...\GeoGebra 4.2) (Version: 4.2.55.0 - International GeoGebra Institute) GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) Google Update Helper (x32 Version: 1.3.23.0 - SaveSense) Hidden <==== ATTENTION Grand Theft Auto IV - Episodes From Liberty City (HKLM-x32\...\{8ED35B48-AFBD-4F32-8271-2257AD8B907E}_is1) (Version: - ) HD2 Toolkit Version 4.3 (HKLM-x32\...\{12EE0B2A-84C6-494E-A7AC-6771E898F6A0}_is1) (Version: 4.3 - Kaushal Subedi (KSubedi)) Hot Jingle Player V1.1 (HKLM-x32\...\Hot Jingle Player_is1) (Version: - Koyote Soft) HP ePrint (HKLM-x32\...\{2794875B-6CCF-48B8-84A5-5B10DB98BEE6}) (Version: 14.0.14176.1823 - Hewlett-Packard) HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{9086D601-50B7-491D-A143-28193DADE36B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet 6700 Hilfe (HKLM-x32\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Integrated Webcam Live! Central (HKLM-x32\...\Integrated Webcam Live! 
Central) (Version: 2.01.15 - Creative Technology Ltd) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan) iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.) Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle) Java 8 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218005FF}) (Version: 8.0.50 - Oracle Corporation) Java SE Development Kit 7 Update 21 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170210}) (Version: 1.7.0.210 - Oracle) Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Lumac (HKLM-x32\...\InstallShield_{5DE11949-2B11-4F13-BAD5-1C237122CFDB}) (Version: 1.1.86.0 - Firstload) Lumac (x32 Version: 1.1.86.0 - Firstload) Hidden MAGIX Screenshare (HKLM-x32\...\{AAE31374-02C2-452E-88EC-2F16D92731A9}) (Version: 4.3.6.1987 - MAGIX AG) MAGIX Video deluxe 17 Premium Download-Version (HKLM-x32\...\MAGIX_MSI_Videodeluxe17_premium) (Version: 10.0.0.32 - MAGIX AG) MAGIX Video deluxe 17 Premium Download-Version (x32 Version: 10.0.0.32 - MAGIX AG) Hidden Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Michas Jingle-Player (HKLM-x32\...\Michas Jingle-Player) (Version: - 
) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Games for Windows - LIVE (HKLM-x32\...\{A1C962E2-2426-49C6-A38B-9A07E40D607C}) (Version: 3.2.217.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) 
(HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft WSE 3.0 Runtime 
(HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden NVIDIA 3D Vision Treiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation) NVIDIA GeForce Experience 1.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6 - NVIDIA Corporation) NVIDIA Grafiktreiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation) NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation) NVIDIA Virtual Audio 1.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.1 - NVIDIA Corporation) OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA) Opera Stable 27.0.1689.69 (HKLM-x32\...\Opera 27.0.1689.69) (Version: 27.0.1689.69 - Opera Software ASA) Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - 
Electronic Arts, Inc.) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.) PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer) Pioneer DDJ_SB Driver (HKLM-x32\...\Pioneer DDJ_SB ASIO) (Version: 1.000.000.002 - Pioneer Corporation.) PIXMA Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - ) PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu) Prime World Version 10.1 (HKLM-x32\...\{F6F3C462-2729-4555-8A95-CC317A90F8FF}_is1) (Version: 10.1 - Nival) ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) Qualcomm Atheros Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.304 - Qualcomm Atheros) Qualcomm Atheros Killer Network Manager (Version: 6.1.0.304 - Qualcomm Atheros) Hidden QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.) RCT3 Soaked (HKLM-x32\...\{EA926717-CE5A-4CB4-AB21-9E6E9565A458}) (Version: 1.00.000 - ) RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software) RollerCoaster Tycoon® 3 (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - ) ScanSoft OmniPage SE 4 (HKLM-x32\...\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}) (Version: 15.2.0020 - Nuance Communications, Inc.) 
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SHIELD Streaming (Version: 1.05.19 - NVIDIA Corporation) Hidden Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Sound Blaster Recon3Di (HKLM-x32\...\{C8AAFCDC-CD3A-40AD-9FA9-07FB70F08224}) (Version: 1.00.08 - Creative Technology Limited) Sound Blaster Recon3Di Extras (HKLM-x32\...\{C45E715E-442E-4D82-BD46-A08A0870957C}) (Version: 1.0 - Creative Technology Limited) Sparta (HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Sparta) (Version: - Sparta) ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0018 - ST Microelectronics) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Sublime Text 2.0.1 (HKLM\...\Sublime Text 2_is1) (Version: - ) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.4.0 - Synaptics Incorporated) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.38846 - TeamViewer) Terraria (HKLM-x32\...\Steam App 105600) (Version: - ) The Polynomial (HKLM-x32\...\Steam App 67000) (Version: - Dmytry Lavrov) Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts) TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.) 
Verbindungsassistent (HKLM-x32\...\Verbindungsassistent) (Version: 3.1 - Verbindungsassistent) Version 1.01 (HKLM-x32\...\Sport-DJ_is1) (Version: - ) VirtualDJ PRO Full (HKLM-x32\...\{C515E2A3-4878-4C85-A519-52630C7AB08B}) (Version: 7.3 - Atomix Productions) VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP) WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2410 - Broadcom Corporation) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) Windows-Treiberpaket - dji-innovations inc. (usbser) Ports (01/19/2011 5.1.2600.5512) (HKLM\...\2DC11E587B8BA912FF8FD5433B426EE46F8E22DD) (Version: 01/19/2011 5.1.2600.5512 - dji-innovations inc.) Windows-Treiberpaket - dji-innovations inc. (usbser) Ports (12/06/2012 5.1.2600.5512) (HKLM\...\F731C4A8B354FB9B7579C5D98402D2F988E8B95C) (Version: 12/06/2012 5.1.2600.5512 - dji-innovations inc.) Windows-Treiberpaket - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9) (Version: 10/22/2009 2.06.00 - FTDI) Windows-Treiberpaket - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\88EB56038379B8B7DCFB4D2448A60F52E064B265) (Version: 10/22/2009 2.06.00 - FTDI) WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) YAC(Yet Another Cleaner!) 
(HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-829858747-3269657560-2013248277-1001_Classes\CLSID\{2227A280-3AEA-1069-A2DF-08002B303O9D}\InprocServer32 -> C:\Windows\system32\mapi32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-829858747-3269657560-2013248277-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-829858747-3269657560-2013248277-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-829858747-3269657560-2013248277-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-829858747-3269657560-2013248277-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================
Check "winmgmt" service or repair WMI.

==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1A421F24-ECBE-44BD-8A67-49F8E2E5443E} - \Plus-HD-2.2-chromeinstaller No Task File <==== ATTENTION
Task: {27017224-F39A-4087-8D7B-D52A46593676} - System32\Tasks\{3DFD8CA4-D792-4563-A4F5-A7493E9AC83B} => pcalua.exe -a C:\Users\André\Downloads\tjingle-3.5-setup.exe -d C:\Users\André\Downloads
Task: {27E6A499-3DEB-4672-B823-8A714B1D6187} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Alienware\SupportAssist\sessionchecker.exe [2015-02-03] (PC-Doctor, Inc.)
Task: {3C469C1B-140C-4D17-881C-F197EA405FF8} - System32\Tasks\{41821B90-9332-4FC0-8E38-6FB4B46E873C} => pcalua.exe -a "C:\Users\André\Downloads\mp140swin64106ea24 (1).exe" -d C:\Users\André\Downloads
Task: {3F7E5641-C08A-4F58-BBF6-12D0CEB8E023} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {4A3A143C-2D3C-4820-839B-E683FA90F25A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {4F026846-FCB2-4C8B-A567-4D06572BBFDA} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Alienware\SupportAssist\uaclauncher.exe [2015-02-03] (PC-Doctor, Inc.)
Task: {5537F832-4365-4C86-A14B-282F6D8890D7} - \Plus-HD-2.2-codedownloader No Task File <==== ATTENTION
Task: {574111F7-9E9D-4B95-8DB7-039BDC40F840} - System32\Tasks\SSBkgdUpdate => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.)
Task: {582C1351-0A8B-400A-B5D6-FB758ABB587F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {61317184-1406-4FAE-A386-08849785BFB2} - System32\Tasks\Opera scheduled Autoupdate 1424293363 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-10] (Opera Software)
Task: {6142C201-7FF1-47E7-9BD3-5D6139C180F4} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {67D681BF-1F42-4936-BD6D-ECAF37F35EFC} - \GPUP No Task File <==== ATTENTION
Task: {82C24D58-0C6E-45E6-BCBC-22F70E95B731} - \Plus-HD-2.2-updater No Task File <==== ATTENTION
Task: {9EBEE2CA-8B1C-43E3-81F6-57A80C570466} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A1992B46-7C93-4458-89FE-C61CA4C00196} - System32\Tasks\PCDoctorBackgroundMonitorTask-Delay => C:\Program Files\Alienware\SupportAssist\uaclauncher.exe [2015-02-03] (PC-Doctor, Inc.)
Task: {A285A914-CAD2-4ED6-AA85-2BACA9F0422E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {D83784FE-4D3D-4FAC-B465-D5470EE51D1F} - \Plus-HD-2.2-firefoxinstaller No Task File <==== ATTENTION
Task: {DBF47455-4FA1-4DF3-908B-FADDD23A3D61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-12] (Adobe Systems Incorporated)
Task: {E2DBF902-BBA1-4C1C-8A06-163F1936054A} - \Eakona Update No Task File <==== ATTENTION
Task: {E39AF135-E724-439F-9EBF-0CB270B4483E} - System32\Tasks\{C4638735-56DF-4771-9A6E-2F9B249DF107} => pcalua.exe -a E:\iShowII_EN\instmsiw.exe -d E:\iShowII_EN
Task: {ECCFDDB6-B8BA-4ABB-B9CD-01020EA1E7BE} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {EE7CC445-5949-46EA-89BC-3DFCF65E3711} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2014-11-24] (AVG Technologies)
Task: {F21E8D83-0DC6-441E-8DD1-3D7C37C5662C} - \Plus-HD-2.2-enabler No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============
2013-04-23 11:54 - 2013-06-21 11:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-16 11:43 - 2006-11-10 07:12 - 00099936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-08-02 13:05 - 2013-07-27 09:48 - 00267040 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libzmq.dll
2014-12-08 11:10 - 2014-12-08 11:10 -
00102176 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00492032 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe 2011-05-10 01:46 - 2011-05-10 01:46 - 02760192 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtCore4.dll 2011-05-10 01:56 - 2011-05-10 01:56 - 09856000 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtGui4.dll 2011-05-10 01:47 - 2011-05-10 01:47 - 00416256 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtXml4.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00217600 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\BFCommon.dll 2011-05-10 17:32 - 2011-05-10 17:32 - 00731648 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\qwt5.dll 2011-05-10 01:48 - 2011-05-10 01:48 - 00990720 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtNetwork4.dll 2013-04-23 13:13 - 2012-02-14 18:53 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-04-27 20:12 - 2007-09-02 12:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe 2013-04-23 11:55 - 2012-01-27 03:49 - 02751808 ____N () C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE 2014-11-24 12:48 - 2014-11-24 12:48 - 00713528 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00549888 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe 2012-02-15 20:37 - 2012-02-15 20:37 - 00404992 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modApplications.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00036864 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modFeatures.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00025088 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modFraps.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00241152 _____ () 
C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modGraph.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00062464 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modlcd.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00289280 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modNetwork.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00184832 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modNpu.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00210944 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modOptions.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00055808 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modOverview.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00329216 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modSystemInfo.dll 2013-05-11 19:50 - 2010-11-18 12:09 - 00330696 _____ () C:\Program Files (x86)\Verbindungsassistent\WTGService.exe 2014-11-24 12:49 - 2014-11-24 12:49 - 00856888 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll 2011-12-02 02:00 - 2011-12-02 02:00 - 01636208 _____ () C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe 2015-02-09 11:25 - 2015-02-09 11:25 - 00211968 _____ () C:\Users\André\AppData\Local\dashboardtxview64\dashboardtxview64.exe 2015-02-09 11:25 - 2015-02-09 11:25 - 00451072 _____ () C:\Users\André\AppData\Local\dashboardtxview64\firmwarekernelUI.exe 2015-02-04 14:45 - 2015-01-19 13:29 - 00083456 _____ () C:\Windows\SysWOW64\controlfirmwareGUI\controlfirmwareGUI.exe 2015-02-18 22:02 - 2015-02-10 08:58 - 00552056 _____ () C:\Program Files (x86)\Opera\27.0.1689.69_0\opera_crashreporter.exe 2011-03-04 11:49 - 2011-03-04 11:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll 2013-04-27 20:12 - 2007-09-02 12:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll 2015-01-20 22:35 - 2015-01-20 22:35 - 
01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2009-12-18 17:07 - 2009-12-18 17:07 - 00577536 _____ () C:\Program Files (x86)\Alienware On-Screen Display\EMSC.dll 2011-12-23 01:31 - 2011-12-23 01:31 - 00593920 _____ () C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\de-DE\SBRcni.resources.dll 2015-02-09 11:25 - 2014-07-08 09:22 - 00095232 _____ () C:\Users\André\AppData\Local\dashboardtxview64\qjson0.dll 2014-10-16 18:21 - 2014-10-16 18:21 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\712c383e9837b8c37b3107f22be9455c\PSIClient.ni.dll 2013-04-23 11:41 - 2012-02-01 23:44 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2015-02-18 16:37 - 2015-01-19 12:00 - 00065696 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll 2015-02-18 16:37 - 2015-01-19 12:00 - 00185656 _____ () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll 2015-01-16 16:34 - 2015-01-16 16:34 - 00039200 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll 2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll 2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll 2015-02-18 22:02 - 2015-02-10 08:58 - 01408632 _____ () C:\Program Files (x86)\Opera\27.0.1689.69_0\libglesv2.dll 2015-02-18 22:02 - 2015-02-10 08:58 - 00219256 _____ () C:\Program Files (x86)\Opera\27.0.1689.69_0\libegl.dll 2015-02-18 22:02 - 2015-02-10 08:58 - 09510520 _____ () C:\Program Files (x86)\Opera\27.0.1689.69_0\pdf.dll 2015-02-12 16:43 - 2015-02-12 16:43 - 14966960 _____ () C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_99.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) 
AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-829858747-3269657560-2013248277-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\André\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== Accounts: =============================

Administrator (S-1-5-21-829858747-3269657560-2013248277-500 - Administrator - Disabled)
André (S-1-5-21-829858747-3269657560-2013248277-1001 - Administrator - Enabled) => C:\Users\André
Gast (S-1-5-21-829858747-3269657560-2013248277-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-829858747-3269657560-2013248277-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (02/18/2015 10:42:33 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80040154, Klasse nicht registriert .
Vorgang: Für die Sicherung initialisieren

Error: (02/18/2015 10:42:33 PM) (Source: VSS) (EventID: 22) (User: )
Description: Fehler im Volumenschattenkopie-Dienst: Eine vom Volumenschattenkopie-Dienst benötigte kritische Komponente ist nicht registriert. Dies kann geschehen, wenn bei der Windows-Installation oder bei der Installation eines Schattenkopieanbieters ein Fehler aufgetreten ist. Der von CoCreateInstance für die Klasse mit CLSID "{f5078f32-c551-11d3-89b9-0000f81fe221}" und dem Namen "MSXML30" zurückgegebene Fehler ist [0x80040154, Klasse nicht registriert ].
Vorgang: Für die Sicherung initialisieren

Error: (02/18/2015 09:32:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: opera.exe, Version: 27.0.1689.69, Zeitstempel: 0x54d96063
Name des fehlerhaften Moduls: GROOVEEX.DLL, Version: 0.0.0.0, Zeitstempel: 0x54b5cf7e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000c55ee
ID des fehlerhaften Prozesses: 0x2148
Startzeit der fehlerhaften Anwendung: 0xopera.exe0
Pfad der fehlerhaften Anwendung: opera.exe1
Pfad des fehlerhaften Moduls: opera.exe2
Berichtskennung: opera.exe3

Error: (02/18/2015 06:42:35 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2015-02-18T19:36:34Z. Error Code: 0x80070490.

Error: (02/18/2015 05:38:53 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80040154, Klasse nicht registriert .
Vorgang: Für die Sicherung initialisieren

Error: (02/18/2015 05:38:53 PM) (Source: VSS) (EventID: 22) (User: )
Description: Fehler im Volumenschattenkopie-Dienst: Eine vom Volumenschattenkopie-Dienst benötigte kritische Komponente ist nicht registriert. Dies kann geschehen, wenn bei der Windows-Installation oder bei der Installation eines Schattenkopieanbieters ein Fehler aufgetreten ist. Der von CoCreateInstance für die Klasse mit CLSID "{f5078f32-c551-11d3-89b9-0000f81fe221}" und dem Namen "MSXML30" zurückgegebene Fehler ist [0x80040154, Klasse nicht registriert ].
Vorgang: Für die Sicherung initialisieren

Error: (02/18/2015 05:38:53 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80040154, Klasse nicht registriert .
Vorgang: Für die Sicherung initialisieren

Error: (02/18/2015 05:38:53 PM) (Source: VSS) (EventID: 22) (User: )
Description: Fehler im Volumenschattenkopie-Dienst: Eine vom Volumenschattenkopie-Dienst benötigte kritische Komponente ist nicht registriert. Dies kann geschehen, wenn bei der Windows-Installation oder bei der Installation eines Schattenkopieanbieters ein Fehler aufgetreten ist. Der von CoCreateInstance für die Klasse mit CLSID "{f5078f32-c551-11d3-89b9-0000f81fe221}" und dem Namen "MSXML30" zurückgegebene Fehler ist [0x80040154, Klasse nicht registriert ].
Vorgang: Für die Sicherung initialisieren

Error: (02/18/2015 05:38:53 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80040154, Klasse nicht registriert .
Vorgang: Für die Sicherung initialisieren

Error: (02/18/2015 05:38:53 PM) (Source: VSS) (EventID: 22) (User: )
Description: Fehler im Volumenschattenkopie-Dienst: Eine vom Volumenschattenkopie-Dienst benötigte kritische Komponente ist nicht registriert. Dies kann geschehen, wenn bei der Windows-Installation oder bei der Installation eines Schattenkopieanbieters ein Fehler aufgetreten ist. Der von CoCreateInstance für die Klasse mit CLSID "{f5078f32-c551-11d3-89b9-0000f81fe221}" und dem Namen "MSXML30" zurückgegebene Fehler ist [0x80040154, Klasse nicht registriert ].
Vorgang: Für die Sicherung initialisieren

System errors:
=============
Error: (02/18/2015 08:17:11 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (02/18/2015 08:17:11 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.
Error: (02/18/2015 06:42:10 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (02/18/2015 04:25:37 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureCommand" aufgrund folgenden Fehlers fehlgeschlagen: %%5

Error: (02/18/2015 04:23:27 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: %%5

Error: (02/18/2015 04:16:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AS Service component" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/18/2015 04:16:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "dashboardtxview64.exe" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/18/2015 04:15:44 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "dashboardtxview64.exe" wurde nicht richtig gestartet.

Error: (02/18/2015 04:15:00 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (02/18/2015 04:13:42 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.
Microsoft Office Sessions:
=========================
Error: (02/18/2015 10:42:33 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80040154, Klasse nicht registriert
Vorgang: Für die Sicherung initialisieren

Error: (02/18/2015 10:42:33 PM) (Source: VSS) (EventID: 22) (User: )
Description: {f5078f32-c551-11d3-89b9-0000f81fe221}MSXML300x80040154, Klasse nicht registriert
Vorgang: Für die Sicherung initialisieren

Error: (02/18/2015 09:32:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: opera.exe27.0.1689.6954d96063GROOVEEX.DLL0.0.0.054b5cf7ec0000005000c55ee214801d04b904fc02653C:\Program Files (x86)\Opera\27.0.1689.69\opera.exeC:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL52ca25c9-b7ad-11e4-bfa2-2cd05a8455ec

Error: (02/18/2015 06:42:35 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800704902015-02-18T19:36:34Z

Error: (02/18/2015 05:38:53 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80040154, Klasse nicht registriert
Vorgang: Für die Sicherung initialisieren

Error: (02/18/2015 05:38:53 PM) (Source: VSS) (EventID: 22) (User: )
Description: {f5078f32-c551-11d3-89b9-0000f81fe221}MSXML300x80040154, Klasse nicht registriert
Vorgang: Für die Sicherung initialisieren

Error: (02/18/2015 05:38:53 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80040154, Klasse nicht registriert
Vorgang: Für die Sicherung initialisieren

Error: (02/18/2015 05:38:53 PM) (Source: VSS) (EventID: 22) (User: )
Description: {f5078f32-c551-11d3-89b9-0000f81fe221}MSXML300x80040154, Klasse nicht registriert
Vorgang: Für die Sicherung initialisieren

Error: (02/18/2015 05:38:53 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80040154, Klasse nicht registriert
Vorgang: Für die Sicherung initialisieren

Error: (02/18/2015 05:38:53 PM) (Source: VSS) (EventID: 22) (User: )
Description: {f5078f32-c551-11d3-89b9-0000f81fe221}MSXML300x80040154, Klasse nicht registriert
Vorgang: Für die Sicherung initialisieren

CodeIntegrity Errors:
===================================
Date: 2015-02-09 14:33:54.015
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-02-09 14:33:53.992
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-09-10 15:52:51.094
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\ Malwarebytes Anti-Malware \mbampt.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-09-10 15:52:51.062
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\ Malwarebytes Anti-Malware \mbampt.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3740QM CPU @ 2.70GHz
Percentage of memory in use: 42%
Total physical RAM: 12170.31 MB
Available physical RAM: 7046.12 MB
Total Pagefile: 24338.8 MB
Available Pagefile: 18477.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:494.55 GB) (Free:202.95 GB) NTFS
Drive d: (DATAPART1) (Fixed) (Total:29.81 GB) (Free:28.38 GB) NTFS
Drive e: (04 Mrz 2011) (CDROM) (Total:0.09 GB) (Free:0 GB) CDFS
Drive f: (Musik) (Fixed) (Total:195.31 GB) (Free:76.78 GB) NTFS
Drive h: (RCT3_WILD) (CDROM) (Total:0.64 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 698.6 GB) (Disk ID: B55A8670)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=8.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=494.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=195.3 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 29.8 GB) (Disk ID: B55ABA8A)
Partition 1: (Not Active) - (Size=29.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================ |
18.02.2015, 22:46 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | edealspop and n10.adshostnet.com/ads? bother me while surfing What about my question regarding previous detections and, if there were any, the logs for them?
__________________ Please always post log files in CODE tags |
18.02.2015, 22:48 | #5 |
| edealspop and n10.adshostnet.com/ads? bother me while surfing Oh, sorry. No, unfortunately I don't have any logs anymore. That's why I just created these. |
18.02.2015, 22:49 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | edealspop and n10.adshostnet.com/ads? bother me while surfing Then please run Combofix now: Scan with Combofix |
19.02.2015, 10:26 | #7 |
| edealspop and n10.adshostnet.com/ads? bother me while surfing log.txt Code:
ComboFix 15-02-16.01 - André 18.02.2015 22:55:36.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.12170.7314 [GMT 1:00]
ausgeführt von:: c:\users\AndrÚ\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
c:\windows\MICROSOFT
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ACEDRV11
-------\Service_acedrv11
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-01-18 bis 2015-02-18 ))))))))))))))))))))))))))))))
.
.
2015-02-18 21:41 . 2015-02-18 21:43 -------- d-----w- C:\FRST
2015-02-18 15:37 . 2015-01-03 08:57 52392 ----a-w- c:\windows\system32\drivers\iSafeNetFilter.sys
2015-02-18 15:37 . 2015-01-19 11:04 45224 ----a-w- c:\windows\system32\drivers\iSafeKrnlBoot.sys
2015-02-18 15:37 . 2015-02-18 15:37 -------- d-----w- c:\windows\system32\log
2015-02-18 15:37 . 2015-02-18 15:37 -------- d-----w- c:\users\André\AppData\Roaming\Elex-tech
2015-02-18 15:37 . 2015-02-18 15:37 -------- d-----w- c:\program files (x86)\Elex-tech
2015-02-18 15:35 . 2015-02-18 15:35 -------- d-----w- c:\users\André\AppData\Roaming\eCyber
2015-02-18 09:07 . 2015-02-18 09:07 -------- d-----w- c:\program files (x86)\Microsoft CAPICOM 2.1.0.2
2015-02-17 20:56 . 2015-01-29 09:07 11910896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AA2230B6-7939-4FD1-B5C0-A762FB00D697}\mpengine.dll
2015-02-17 09:07 . 2015-02-17 09:07 -------- d-----w- c:\users\André\AppData\Local\Scansoft
2015-02-16 15:47 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-02-16 10:43 . 2015-02-16 10:43 -------- d-----w- c:\programdata\CanonIJPLM
2015-02-16 10:37 . 2015-02-16 10:37 -------- d-----w- c:\programdata\InstallShield
2015-02-16 10:37 . 2015-02-16 10:37 -------- d-----w- c:\users\André\AppData\Roaming\ScanSoft
2015-02-16 10:37 . 2015-02-16 10:37 -------- d-----w- c:\programdata\ScanSoft
2015-02-16 10:37 . 2015-02-16 10:37 -------- d-----w- c:\program files (x86)\Common Files\ScanSoft Shared
2015-02-16 10:37 . 2015-02-16 10:37 -------- d-----w- c:\program files (x86)\ScanSoft
2015-02-16 10:28 . 2015-02-16 10:28 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2015-02-16 10:28 . 2006-12-25 20:00 236544 ----a-w- c:\windows\system32\CNMLM8R.DLL
2015-02-16 10:27 . 2006-06-29 05:30 17408 ----a-w- c:\windows\system32\cnco140.dll
2015-02-16 10:27 . 2006-11-10 02:03 1337344 ----a-w- c:\windows\system32\CNCC140.DLL
2015-02-16 10:27 . 2006-11-10 02:02 49664 ----a-w- c:\windows\system32\CNCI140.DLL
2015-02-16 10:27 . 2006-05-26 07:23 90624 ----a-w- c:\windows\system32\CNCL140.DLL
2015-02-16 10:27 . 2015-02-16 10:27 -------- d--h--w- c:\program files\CanonBJ
2015-02-15 19:26 . 2015-02-15 19:26 -------- d-----w- c:\program files\Dell
2015-02-13 08:39 . 2015-01-23 03:43 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-02-13 08:39 . 2015-01-23 04:41 6041600 ----a-w- c:\windows\system32\jscript9.dll
2015-02-13 08:39 . 2015-01-23 03:17 4300800 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-02-13 08:39 . 2015-01-23 04:42 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2015-02-12 20:34 . 2015-02-12 20:34 -------- d-----w- c:\programdata\Grisoft
2015-02-11 15:20 . 2014-09-16 20:53 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AD2BD62E-35E7-4270-97AC-261580EDD566}\gapaengine.dll
2015-02-11 12:32 . 2015-01-13 03:10 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-11 12:31 . 2014-10-04 02:10 3722752 ----a-w- c:\windows\system32\mstscax.dll
2015-02-11 12:31 . 2014-10-04 01:42 3221504 ----a-w- c:\windows\SysWow64\mstscax.dll
2015-02-11 12:31 . 2014-10-04 01:42 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2015-02-11 12:29 . 2014-12-08 03:09 406528 ----a-w- c:\windows\system32\scesrv.dll
2015-02-11 12:29 . 2014-12-08 02:46 308224 ----a-w- c:\windows\SysWow64\scesrv.dll
2015-02-11 12:26 . 2015-01-14 06:09 5554112 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-02-11 12:26 . 2015-01-14 05:44 3972544 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-02-11 12:26 . 2015-01-14 05:44 3917760 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-02-11 12:26 . 2015-01-14 06:05 503808 ----a-w- c:\windows\system32\srcore.dll
2015-02-11 12:26 . 2015-01-14 06:05 50176 ----a-w- c:\windows\system32\srclient.dll
2015-02-11 12:26 . 2015-01-14 06:04 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-02-11 12:26 . 2015-01-14 05:41 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-02-11 12:26 . 2015-01-09 02:03 3201536 ----a-w- c:\windows\system32\win32k.sys
2015-02-11 10:30 . 2015-02-11 10:30 -------- d-----w- c:\program files (x86)\goodChoice
2015-02-11 10:30 . 2015-02-11 10:30 -------- d-----w- c:\program files (x86)\Color My SNS
2015-02-09 16:12 . 2015-02-10 13:42 -------- d-----w- c:\program files\CCleaner
2015-02-09 13:06 . 2015-02-18 15:12 -------- d-----w- C:\AdwCleaner
2015-02-09 10:25 . 2015-02-10 13:43 -------- d-----w- c:\users\André\AppData\Local\dashboardtxview64
2015-02-08 14:09 . 2015-02-08 14:11 -------- d-----w- c:\users\André\AppData\Roaming\FreeAudioEditor
2015-02-08 14:05 . 2015-02-10 13:43 -------- d-----w- c:\program files (x86)\Free Codec Pack
2015-02-08 14:05 . 2015-02-10 13:43 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2015-02-04 14:27 . 2015-02-04 14:27 -------- d-sh--w- c:\users\André\AppData\Local\EmieBrowserModeList
2015-02-04 14:22 . 2015-02-04 14:22 -------- d-----w- c:\users\André\AppData\Roaming\sparta123
2015-02-04 13:47 . 2015-02-04 13:55 -------- d-----w- c:\users\André\AppData\Roaming\ASPackage
2015-02-04 13:45 . 2015-02-04 13:45 -------- d-----w- c:\windows\SysWow64\controlfirmwareGUI
2015-02-04 10:05 . 2015-02-04 10:05 -------- d-----w- c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-04 10:05 . 2015-02-04 10:05 -------- d-----w- c:\program files\iTunes
2015-02-04 10:05 . 2015-02-04 10:05 -------- d-----w- c:\program files (x86)\iTunes
2015-02-04 10:05 . 2015-02-04 10:05 -------- d-----w- c:\program files\iPod
2015-02-03 22:29 . 2014-11-24 11:48 40248 ----a-w- c:\windows\system32\TURegOpt.exe
2015-02-03 22:29 . 2014-11-24 11:48 29496 ----a-w- c:\windows\system32\authuitu.dll
2015-02-03 22:29 . 2014-11-24 11:48 25400 ----a-w- c:\windows\SysWow64\authuitu.dll
2015-01-30 22:36 . 2015-01-30 22:36 23760 ----a-w- c:\windows\system32\drivers\DDDriver64Dcsa.sys
2015-01-30 22:36 . 2015-01-30 22:36 23312 ----a-w- c:\windows\system32\drivers\DellProf.sys
2015-01-22 18:17 . 2015-01-22 18:17 255672 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\1031\OSFINTL.DLL
2015-01-22 16:46 . 2015-01-22 16:46 3009720 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\1031\MSOINTL.DLL
2015-01-21 14:05 . 2015-01-21 14:05 81238200 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSORES.DLL
2015-01-21 14:05 . 2015-01-21 14:05 5736144 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe
2015-01-21 14:05 . 2015-01-21 14:05 5435576 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\Csi.dll
2015-01-21 14:05 . 2015-01-21 14:05 26476728 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2015-01-21 14:02 . 2015-01-21 14:02 877808 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\ACEES.DLL
2015-01-21 14:02 . 2015-01-21 14:02 532704 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\ACEEXCL.DLL
2015-01-21 14:02 . 2015-01-21 14:02 445664 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\ACEOLEDB.DLL
2015-01-21 14:02 . 2015-01-21 14:02 2272456 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\ACECORE.DLL
2015-01-21 14:02 . 2015-01-21 14:02 203480 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\ACETXT.DLL
2015-01-21 14:01 . 2015-01-21 14:01 617720 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\ACEDAO.DLL
2015-01-21 14:01 . 2015-01-21 14:01 853200 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\WXPNSE.DLL
2015-01-21 14:01 . 2015-01-21 14:01 81238200 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSORES.DLL
2015-01-21 14:01 . 2015-01-21 14:01 7838928 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe
2015-01-21 14:01 . 2015-01-21 14:01 7603896 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\Csi.dll
2015-01-21 14:01 . 2015-01-21 14:01 2226848 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\RICHED20.DLL
2015-01-21 14:01 . 2015-01-21 14:01 111848 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
2015-01-21 14:01 . 2015-01-21 14:01 654512 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSOSQM.EXE
2015-01-21 14:01 . 2015-01-21 14:01 36978360 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-18 22:10 . 2014-06-26 17:43 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-02-18 21:43 . 2013-04-23 10:29 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-18 21:43 . 2013-04-23 10:29 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-12 09:25 . 2013-09-25 14:24 116773704 ----a-w- c:\windows\system32\MRT.exe
2014-12-31 11:14 . 2010-11-21 03:27 298120 ------w- c:\windows\system32\MpSigStub.exe
2014-12-19 03:06 . 2015-01-14 16:08 210432 ----a-w- c:\windows\system32\profsvc.dll
2014-12-19 01:46 . 2015-01-14 16:08 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-12-11 17:47 . 2015-01-14 16:08 52736 ----a-w- c:\windows\system32\TSWbPrxy.exe
2014-12-06 04:17 . 2015-01-14 16:08 303616 ----a-w- c:\windows\system32\nlasvc.dll
2014-12-06 03:50 . 2015-01-14 16:08 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2014-12-06 03:50 . 2015-01-14 16:08 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2014-11-21 05:14 . 2014-06-26 17:35 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-21 05:14 . 2014-06-26 17:35 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-21 05:14 . 2013-05-15 06:54 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2015-01-12 . CD726C899BD9A398E8420564A957320B . 25056256 . . [11.00.9600.17631] .. c:\windows\erdnt\cache64\mshtml.dll
[7] 2015-01-12 . CD726C899BD9A398E8420564A957320B . 25056256 . . [11.00.9600.17631] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17633_none_f585f9ea37467afd\mshtml.dll
[7] 2014-11-22 . D478A4CF07FB8ADF72FB16B88E8030B8 . 25059840 . . [11.00.9600.17631] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17501_none_f58df6883740dfc5\mshtml.dll
[7] 2014-11-06 . BBD6A636AAA65D874F3863280CD8373D . 25110016 . . [11.00.9600.17631] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17420_none_f59addd03736dce1\mshtml.dll
[7] 2014-09-19 . 7415B29AFE2E4494A57358B8C7E78600 . 23631360 . . [11.00.9600.17631] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17358_none_f5a7f85a372cd9fd\mshtml.dll
[7] 2014-08-18 . 920BD93A0B64657A20CA66C2EBB167EA . 23591424 . . [11.00.9600.17631] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17280_none_f5b67f6437213d09\mshtml.dll
[7] 2014-07-25 . ECA387DCD57F683C52171C766CF400F0 . 23645696 . . [11.00.9600.17631] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17239_none_f5b0b0ea3726a4ff\mshtml.dll
[7] 2014-06-19 . FEC19C351EF1B2C998A85D1BFD765675 . 23464448 . . [11.00.9600.17207] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17207_none_f5addd9c372925b8\mshtml.dll
[7] 2014-05-30 . 56803B20D168C1B740D12CE0BE4588F5 . 23414784 . . [11.00.9600.17126] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17126_none_f5bac4e4371f22d4\mshtml.dll
[7] 2014-05-06 . 797E2E5C309AFF76990D5B7AF457EACA . 23544320 . . [11.00.9600.17107] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17107_none_f5b8ad88372109c7\mshtml.dll
[7] 2014-04-29 . A98DA2EC1E56CF52C682D072F77D9874 . 23547904 . . [11.00.9600.17105] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17105_none_f5b8db183720d685\mshtml.dll
[7] 2014-03-31 . C3E3EFD320D0000BE6F9CDB00CD6086F . 23134208 . . [11.00.9600.16659] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16659_none_f5876fe837454a4a\mshtml.dll
[7] 2014-03-06 . 37D0FB9E5E8EDA40B66FC3FB3D660261 . 23549440 . . [11.00.9600.17041] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17041_none_f5c8074c3714b96c\mshtml.dll
[7] 2014-03-01 . 4E0709D9BB951AD1C22E4FF519B90839 . 23133696 . . [11.00.9600.16521] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16521_none_f58ff536373f154c\mshtml.dll
[7] 2014-02-06 . D016F5092E4FFC41147E8555A71D2DDE . 23170048 . . [11.00.9600.16518] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16518_none_f58e55743740af5c\mshtml.dll
[7] 2013-12-05 . D233E1A32CE6AF918C9DE1BC44AFEB2A . 23212032 . . [11.00.9600.16428] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16428_none_f59a25aa3737acc2\mshtml.dll
[7] 2013-11-26 . 16B0A65F52531B769B891DC251ECC6C0 . 23183360 . . [11.00.9600.16476] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16476_none_f59f54ac3732f833\mshtml.dll
[7] 2010-11-21 . 1C8B787BAA52DEAD1A6FEC1502D652F0 . 8988160 . . [8.00.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17514_none_8c235f42afcafdda\mshtml.dll
[7] 2015-01-12 . CD726C899BD9A398E8420564A957320B . 25056256 . . [11.00.9600.17631] .. c:\windows\system32\mshtml.dll
.
c:\windows\SysWow64\mshtml.dll ... Fehlt !!
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-05-27 23:08 220632 ----a-w- c:\users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2013-05-27 23:08 220632 ----a-w- c:\users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2013-05-27 23:08 220632 ----a-w- c:\users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640] "iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2014-10-17 43816] "ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2014-11-21 43816] "DellSystemDetect"="c:\users\André\AppData\Local\Apps\2.0\GXWZMQVO.D25\K32AX9EJ.T53\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe" [2015-02-16 283432] . c:\users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Netzmanager.lnk - c:\program files\Netzmanager\netzmanager.exe /Autostart [2012-7-20 14134784] Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Officejet 6700\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN41AD50RJ05RQ;CONNECTION=NW;MONITOR=1; [2009-7-14 45568] . 
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-2-22 1380128] Qualcomm Atheros Killer Network Manager.lnk - c:\program files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe -minimized [2012-2-15 549888] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "UpdReg"=c:\windows\UpdReg.EXE "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime "HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" "PDFPrint"=c:\program files (x86)\PDF24\pdf24.exe "SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot . 
R2 4188b5b6;TrustMix;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x] R2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe;c:\program files\Alienware\Command Center\AlienFusionService.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 DLPortIO;DriverLINX Port I/O Driver; [x] R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x] R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x] R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x] R3 HDJCtrl;Hercules DJ Control MP3 Service;c:\windows\system32\Drivers\HDJCtrl.sys;c:\windows\SYSNATIVE\Drivers\HDJCtrl.sys [x] R3 HDJMidi;Hercules DJ Control MP3 MIDI;c:\windows\system32\DRIVERS\HDJMidi.sys;c:\windows\SYSNATIVE\DRIVERS\HDJMidi.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 iSafeKrnlBoot;YAC Boot 
Driver;c:\windows\system32\DRIVERS\iSafeKrnlBoot.sys;c:\windows\SYSNATIVE\DRIVERS\iSafeKrnlBoot.sys [x] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x] R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x] R3 rzudd;Razer Keyboard Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x] R3 ST_ACCEL;STMicroelectronics Accelerometer Service;c:\windows\system32\DRIVERS\ST_ACCEL.sys;c:\windows\SYSNATIVE\DRIVERS\ST_ACCEL.sys [x] R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x] R3 TelekomNM6;Telekom Netzmanager Packet Filter Driver;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] S0 EMSC;COMPAL Embedded System Control;c:\windows\system32\DRIVERS\EMSC.SYS;c:\windows\SYSNATIVE\DRIVERS\EMSC.SYS [x] S0 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x] S0 
iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys;c:\windows\SYSNATIVE\drivers\iaStorF.sys [x] S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x] S1 BfLwf;Bigfoot Networks Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S1 iSafeKrnl;YAC Mini-Filter Driver;c:\program files (x86)\Elex-tech\YAC\iSafeKrnl.sys;c:\program files (x86)\Elex-tech\YAC\iSafeKrnl.sys [x] S1 iSafeKrnlKit;YAC Kit Driver;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [x] S1 iSafeKrnlMon;YAC Monitor Driver;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [x] S1 iSafeKrnlR3;YAC Ring3 Driver;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [x] S1 iSafeNetFilter;YAC NDIS Driver;c:\windows\system32\DRIVERS\iSafeNetFilter.sys;c:\windows\SYSNATIVE\DRIVERS\iSafeNetFilter.sys [x] S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x] S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x] S2 controlfirmwareGUI;controlfirmwareGUI;c:\windows\SysWOW64\controlfirmwareGUI\controlfirmwareGUI.exe;c:\windows\SysWOW64\controlfirmwareGUI\controlfirmwareGUI.exe [x] S2 CtHdaSvc;Sound Core3D Service;c:\windows\sysWow64\CtHdaSvc.exe;c:\windows\sysWow64\CtHdaSvc.exe [x] S2 
dashboardtxview64.exe;dashboardtxview64.exe;c:\users\André\AppData\Local\dashboardtxview64\dashboardtxview64.exe;c:\users\André\AppData\Local\dashboardtxview64\dashboardtxview64.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage-Technologie;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x] S2 iSafeService;YAC Service;c:\program files (x86)\Elex-tech\YAC\iSafeSvc.exe;c:\program files (x86)\Elex-tech\YAC\iSafeSvc.exe [x] S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x] S2 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x] S2 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [x] S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x] S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x] S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x] S2 Qualcomm Atheros Killer Service;Qualcomm Atheros Killer Service;c:\program files\Bigfoot Networks\Killer Network Manager\BFNService.exe;c:\program 
files\Bigfoot Networks\Killer Network Manager\BFNService.exe [x] S2 serveras;AS Service component;c:\users\André\AppData\Roaming\ASPackage\ASSrv.exe;c:\users\André\AppData\Roaming\ASPackage\ASSrv.exe [x] S2 SftService;SoftThinks Agent Service;c:\program files (x86)\AlienRespawn\sftservice.EXE;c:\program files (x86)\AlienRespawn\sftservice.EXE [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x] S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S2 WTGService;WTGService;c:\program files (x86)\Verbindungsassistent\WTGService.exe;c:\program files (x86)\Verbindungsassistent\WTGService.exe [x] S3 Ak27x64;Killer Wireless-N 1102 device driver;c:\windows\system32\DRIVERS\Ak27x64.sys;c:\windows\SYSNATIVE\DRIVERS\Ak27x64.sys [x] S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x] S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x] S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x] S3 cthda;Sound 
Core3D(CtHda.sys);c:\windows\system32\drivers\cthda.sys;c:\windows\SYSNATIVE\drivers\cthda.sys [x] S3 DDDriver;DDDriver;c:\windows\system32\drivers\DDDriver64Dcsa.sys;c:\windows\SYSNATIVE\drivers\DDDriver64Dcsa.sys [x] S3 DellProf;DellProf;c:\windows\system32\drivers\DellProf.sys;c:\windows\SYSNATIVE\drivers\DellProf.sys [x] S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x] S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x] S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [x] . . Inhalt des "geplante Tasks" Ordners . 2015-02-18 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-23 21:43] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2013-05-27 23:08 244696 ----a-w- c:\users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2013-05-27 23:08 244696 ----a-w- c:\users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2013-05-27 23:08 244696 ----a-w- c:\users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2015-01-21 14:01 2334928 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2015-01-21 14:01 2334928 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2015-01-21 14:01 2334928 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL . 
------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SYSTEM32\blank.htm mSearch Page = hxxp://www.google.com uInternet Settings,ProxyServer = http=127.0.0.1:12054 uInternet Settings,ProxyOverride = <local>;*origin.com;*ea.com;*akamaihd.net IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105 IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000 LSP: %SYSTEMROOT%\system32\BfLLR.dll Trusted Zone: dell.com TCP: DhcpNameServer = 192.168.2.1 Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL FF - ProfilePath - c:\users\André\AppData\Roaming\Mozilla\Firefox\Profiles\wv60tni2.default-1424269440517\ . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Toolbar-Locked - (no file) ShellIconOverlayIdentifiers-{8BA85C75-763B-4103-94EB-9470F12FE0F7} - (no file) ShellIconOverlayIdentifiers-{CD55129A-B1A1-438E-A425-CEBC7DC684EE} - (no file) ShellIconOverlayIdentifiers-{E768CD3B-BDDC-436D-9C13-E1B39CA257B1} - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start Toolbar-Locked - (no file) AddRemove-Sparta - c:\users\ANDR~1\AppData\Local\Sparta\Uninstaller.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.16" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Elex-tech\YAC\iSafeSvc2.exe c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe c:\program files (x86)\AlienRespawn\TOASTER.EXE c:\program files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE c:\users\André\AppData\Local\dashboardtxview64\firmwarekernelUI.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe . 
************************************************************************** . Zeit der Fertigstellung: 2015-02-18 23:17:56 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2015-02-18 22:17 . Vor Suchlauf: 22 Verzeichnis(se), 217.701.396.480 Bytes frei Nach Suchlauf: 25 Verzeichnis(se), 217.734.373.376 Bytes frei . - - End Of File - - 29B896725D7E718A2F11A322CAA06728 5C616939100B85E558DA92B899A0FC36 Regards |
19.02.2015, 10:55 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | edealspop and n10.adshostnet.com/ads? are bothering me while browsing
Remove adware/junkware/toolbars
Delete old versions of adwCleaner and, if present, JRT first, then download them again to the desktop! Please completely disable your virus scanner now, before using these tools!
Step 1: adwCleaner. Please download AdwCleaner to your desktop.
Step 2: JRT - Junkware Removal Tool. Please shut down your protection software to avoid possible conflicts.
Step 3: Fresh log with FRST. Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ Please always post log files in CODE tags |
19.02.2015, 13:14 | #9 |
| edealspop and n10.adshostnet.com/ads? are bothering me while browsing Here is the log data: AdwCleaner: R4 Code:
# AdwCleaner v4.111 - Bericht erstellt 19/02/2015 um 12:50:50
# Aktualisiert 18/02/2015 von Xplode
# Datenbank : 2015-02-18.3 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : André - ALIENWAREGAMING
# Gestarted von : C:\Users\André\Desktop\AdwCleaner_4.111.exe
# Option : Suchlauf

***** [ Dienste ] *****

Dienst Gefunden : iSafeKrnlMon

***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Windows\System32\log\iSafeKrnlCall.log
Ordner Gefunden : C:\Program Files (x86)\Elex-tech
Ordner Gefunden : C:\Users\André\AppData\Roaming\ASPackage

***** [ Geplante Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Daten Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Daten Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>;*origin.com;*ea.com;*akamaihd.net
Daten Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:11740

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17631
-\\ Mozilla Firefox v27.0.1 (de)
-\\ Google Chrome v
-\\ Opera v27.0.1689.69

*************************

AdwCleaner[R4].txt - [1279 Bytes] - [19/02/2015 12:50:50]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [1338 Bytes] ##########

Code:
# AdwCleaner v4.111 - Bericht erstellt 19/02/2015 um 12:52:42
# Aktualisiert 18/02/2015 von Xplode
# Datenbank : 2015-02-18.3 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : André - ALIENWAREGAMING
# Gestarted von : C:\Users\André\Desktop\AdwCleaner_4.111.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : iSafeKrnlMon

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\Elex-tech
Ordner Gelöscht : C:\Users\André\AppData\Roaming\ASPackage
Datei Gelöscht : C:\Windows\System32\log\iSafeKrnlCall.log

***** [ Geplante Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>;*origin.com;*ea.com;*akamaihd.net
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:11740
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17631
-\\ Mozilla Firefox v27.0.1 (de)
-\\ Google Chrome v
-\\ Opera v27.0.1689.69

*************************

AdwCleaner[R4].txt - [1417 Bytes] - [19/02/2015 12:50:50]
AdwCleaner[S4].txt - [1343 Bytes] - [19/02/2015 12:52:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1402 Bytes] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by Andr‚ on 19.02.2015 at 13:03:38,71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL

~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.02.2015 at 13:09:08,29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01
Ran by André (administrator) on ALIENWAREGAMING on 19-02-2015 13:09:31
Running from C:\Users\André\Desktop
Loaded Profiles: UpdatusUser & André (Available profiles: UpdatusUser & André)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
() C:\Users\André\AppData\Local\dashboardtxview64\dashboardtxview64.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Dell) C:\Users\André\AppData\Local\Apps\2.0\GXWZMQVO.D25\K32AX9EJ.T53\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
() C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
() C:\Program Files (x86)\Verbindungsassistent\WTGService.exe
(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe
() C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
() C:\Users\André\AppData\Local\dashboardtxview64\firmwarekernelUI.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
() C:\Windows\SysWOW64\controlfirmwareGUI\controlfirmwareGUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Run: [DellSystemDetect] => C:\Users\André\AppData\Local\Apps\2.0\GXWZMQVO.D25\K32AX9EJ.T53\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe [283432 2015-02-16] (Dell)
HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [214448 2013-06-21] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [214448 2013-06-21] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll => c:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\rxinput.dll [593696 2013-07-27] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk
ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe ()
Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => No File
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => No File
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-829858747-3269657560-2013248277-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [S-1-5-21-829858747-3269657560-2013248277-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-829858747-3269657560-2013248277-1001] => http=127.0.0.1:11433
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-829858747-3269657560-2013248277-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-829858747-3269657560-2013248277-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=000328B0&OHP=www.google.com&OSP=
HKU\S-1-5-21-829858747-3269657560-2013248277-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-829858747-3269657560-2013248277-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?PC=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-829858747-3269657560-2013248277-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-829858747-3269657560-2013248277-1001 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP1BC61AB6-8239-4498-93FC-3138718BE3AD&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-829858747-3269657560-2013248277-1001 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-829858747-3269657560-2013248277-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [174592] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [174592] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [174592] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [174592] (Bigfoot Networks, Inc.)
Winsock: Catalog9 15 C:\Windows\SysWOW64\BfLLR.dll [174592] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 C:\Windows\system32\BfLLR.dll [189952] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 C:\Windows\system32\BfLLR.dll [189952] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 C:\Windows\system32\BfLLR.dll [189952] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 C:\Windows\system32\BfLLR.dll [189952] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\BfLLR.dll [189952] (Bigfoot Networks, Inc.)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\wv60tni2.default-1424269440517
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL No File
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll No File
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
FF Plugin HKU\S-1-5-21-829858747-3269657560-2013248277-1001: @phonostar.de/radio ffn Rekorder -> C:\Program Files (x86)\radio ffn Rekorder\npphonostarDetectNP.dll No File
FF Plugin HKU\S-1-5-21-829858747-3269657560-2013248277-1001: @protectdisc.com/NPMPDRM -> C:\Users\André\AppData\Local\mpDRM\Binaries\NPMPDRM.dll No File
FF Plugin HKU\S-1-5-21-829858747-3269657560-2013248277-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-829858747-3269657560-2013248277-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\André\AppData\Local\Google\Chrome\User Data\default

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 4188b5b6; c:\Program Files (x86)\DealDragon\HotDealsa.dll [4246528 2014-11-22] () [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 controlfirmwareGUI; C:\Windows\SysWOW64\controlfirmwareGUI\controlfirmwareGUI.exe [83456 2015-01-19] () [File not signed]
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-04-23] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-04-23] (Creative Labs) [File not signed]
R2 CTAudSvcService; c:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-20] (Creative Technology Ltd) [File not signed]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [122880 2012-03-28] (Creative Technology Ltd)
R2 dashboardtxview64.exe; C:\Users\André\AppData\Local\dashboardtxview64\dashboardtxview64.exe [211968 2015-02-09] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [99936 2006-11-10] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-01] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2015-01-20] (Electronic Arts)
R2 Qualcomm Atheros Killer Service; C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [492032 2012-02-15] () [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2604856 2014-11-24] (AVG Technologies)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\Verbindungsassistent\WTGService.exe [330696 2010-11-18] ()
S2 serveras; C:\Users\André\AppData\Roaming\ASPackage\ASSrv.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 Ak27x64; C:\Windows\System32\DRIVERS\Ak27x64.sys [2740328 2012-02-15] (Bigfoot Networks, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [135720 2012-02-23] (Broadcom Corporation.)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [75880 2012-02-15] (Bigfoot Networks, Inc.)
R3 cthda; C:\Windows\System32\drivers\cthda.sys [1052760 2012-03-28] (Creative Technology Ltd)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)
S2 DLPortIO; C:\Windows\SysWow64\Drivers\DLPortIO.sys [3584 1999-01-10] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-27] (DT Soft Ltd)
S3 HDJCtrl; C:\Windows\System32\Drivers\HDJCtrl.sys [38704 2013-05-21] (© Guillemot R&D, 2012. All rights reserved.)
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [274736 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [121600 2013-05-11] (Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28216 2012-11-20] (Intel Corporation)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-19] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-06-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation)
S3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [67184 2012-01-03] (STMicroelectronics)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-11-24] (TuneUp Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U5 ewusbnet; C:\Windows\SysWOW64\Drivers\ewusbnet.sys [256000 2013-05-11] (Huawei Technologies Co., Ltd.)
U5 ew_hwusbdev; C:\Windows\SysWOW64\Drivers\ew_hwusbdev.sys [117248 2013-05-11] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-19 13:09 - 2015-02-19 13:09 - 00023478 _____ () C:\Users\André\Desktop\FRST.txt
2015-02-19 13:09 - 2015-02-19 13:09 - 00004301 _____ () C:\Users\André\Desktop\JRT.txt
2015-02-19 12:50 - 2015-02-19 12:52 - 00000000 ____D () C:\AdwCleaner
2015-02-19 12:49 - 2015-02-19 12:49 - 02086912 _____ (Farbar) C:\Users\André\Desktop\FRST64.exe
2015-02-19 12:48 - 2015-02-19 12:49 - 01388274 _____ (Thisisu) C:\Users\André\Desktop\JRT.exe
2015-02-19 12:48 - 2015-02-19 12:48 - 02126848 _____ () C:\Users\André\Desktop\AdwCleaner_4.111.exe
2015-02-18 23:17 - 2015-02-18 23:17 - 00040681 _____ () C:\ComboFix.txt
2015-02-18 23:08 - 2015-02-19 12:53 - 00006220 _____ () C:\Windows\PFRO.log
2015-02-18 23:08 - 2015-02-19 12:53 - 00000504 _____ () C:\Windows\setupact.log
2015-02-18 23:08 - 2015-02-18 23:08 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-18 22:52 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-18 22:52 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-18 22:52 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-18 22:52 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-18 22:52 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-18 22:52 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-18 22:52 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-18 22:52 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-18 22:51 - 2015-02-18 23:18 - 00000000 ____D () C:\Qoobox
2015-02-18 22:50 - 2015-02-18 22:50 - 05611903 ____R (Swearware) C:\Users\André\Desktop\ComboFix.exe
2015-02-18 22:41 - 2015-02-19 13:09 - 00000000 ____D () C:\FRST
2015-02-18 22:03 - 2015-02-18 22:03 - 00003856 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1424293363
2015-02-18 22:02 - 2015-02-18 22:02 - 00001137 _____ () C:\Users\Public\Desktop\Opera 27.lnk
2015-02-18 22:02 - 2015-02-18 22:02 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 27.lnk
2015-02-18 21:34 - 2015-02-18 21:35 - 00713120 _____ (Opera Software) C:\Users\André\Desktop\Opera_NI_stable.exe
2015-02-18 16:37 - 2015-02-19 12:52 - 00000000 ____D () C:\Windows\system32\log
2015-02-18 15:26 - 2015-02-18 16:16 - 00000000 ____D () C:\Users\André\Desktop\rkill
2015-02-18 10:07 - 2015-02-18 10:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2015-02-17 10:20 - 2015-02-18 16:55 - 00003858 _____ () C:\Windows\System32\Tasks\SSBkgdUpdate
2015-02-17 10:07 - 2015-02-17 10:07 - 00000000 ____D () C:\Users\André\AppData\Local\Scansoft
2015-02-16 11:43 - 2015-02-16 11:43 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-02-16 11:42 - 2015-02-16 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP140 series Benutzerregistrierung
2015-02-16 11:37 - 2015-02-16 11:37 - 00000424 _____ () C:\Windows\MAXLINK.INI
2015-02-16 11:37 - 2015-02-16 11:37 - 00000000 ____D () C:\Users\André\AppData\Roaming\ScanSoft
2015-02-16 11:37 - 2015-02-16 11:37 - 00000000 ____D () C:\ProgramData\ScanSoft
2015-02-16 11:37 - 2015-02-16 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft OmniPage SE 4
2015-02-16 11:37 - 2015-02-16 11:37 - 00000000 ____D () C:\ProgramData\InstallShield
2015-02-16 11:37 - 2015-02-16 11:37 - 00000000 ____D () C:\Program Files (x86)\ScanSoft
2015-02-16 11:33 - 2015-02-16 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-02-16 11:33 - 2015-02-16 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP140 series Manual
2015-02-16 11:33 - 2015-02-16 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Notes for Windows Vista
2015-02-16 11:28 - 2015-02-16 11:28 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2015-02-16 11:28 - 2015-02-16 11:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP140 series
2015-02-16 11:28 - 2006-12-25 21:00 - 00236544 _____ (CANON INC.) C:\Windows\system32\CNMLM8R.DLL
2015-02-16 11:27 - 2015-02-16 11:27 - 00000000 ___HD () C:\Program Files\CanonBJ
2015-02-16 11:27 - 2006-11-10 03:03 - 01337344 _____ (CANON INC.) C:\Windows\system32\CNCC140.DLL
2015-02-16 11:27 - 2006-11-10 03:02 - 00049664 _____ (CANON INC.) C:\Windows\system32\CNCI140.DLL
2015-02-16 11:27 - 2006-06-29 06:30 - 00017408 _____ (Canon Inc.) C:\Windows\system32\cnco140.dll
2015-02-16 11:27 - 2006-05-26 08:23 - 00090624 _____ (Canon Inc.) C:\Windows\system32\CNCL140.DLL
2015-02-16 11:14 - 2015-02-16 11:14 - 00734473 _____ () C:\Users\André\Downloads\CoreTemp_106.zip
2015-02-16 11:14 - 2015-02-16 11:14 - 00734473 _____ () C:\Users\André\Downloads\CoreTemp_106 (1).zip
2015-02-15 21:13 - 2015-02-15 21:13 - 00007618 _____ () C:\Users\André\AppData\Local\Resmon.ResmonCfg
2015-02-15 20:26 - 2015-02-15 20:26 - 00000000 ____D () C:\Program Files\Dell
2015-02-15 14:06 - 2015-02-15 14:06 - 00003198 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask-Delay
2015-02-13 09:39 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-13 09:39 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-13 09:39 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-13 09:39 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 21:34 - 2015-02-12 21:34 - 00000000 ____D () C:\ProgramData\Grisoft
2015-02-12 21:32 - 2015-02-12 21:33 - 12413440 _____ () C:\Users\André\Downloads\avgas-setup-7.5.1.43.exe
2015-02-12 21:29 - 2015-02-12 21:29 - 00000000 ____D () C:\Users\André\Downloads\backups
2015-02-12 21:28 - 2015-02-12 21:28 - 00388608 _____ (Trend Micro Inc.) C:\Users\André\Downloads\HijackThis.exe
2015-02-12 19:38 - 2015-02-12 19:38 - 02112512 _____ () C:\Users\André\Downloads\adwcleaner_4.110.exe
2015-02-11 13:33 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 13:33 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 13:33 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 13:33 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 13:33 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 13:33 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 13:33 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 13:33 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 13:33 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 13:33 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 13:33 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 13:33 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 13:33 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 13:33 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 13:33 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 13:33 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 13:33 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) 
C:\Windows\system32\ieetwproxystub.dll 2015-02-11 13:33 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-02-11 13:33 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-02-11 13:33 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-02-11 13:33 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-02-11 13:33 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-02-11 13:33 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-02-11 13:33 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-02-11 13:33 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-02-11 13:33 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-02-11 13:33 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-02-11 13:33 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-02-11 13:33 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-02-11 13:33 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-02-11 13:33 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-02-11 13:33 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-02-11 13:33 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-02-11 13:33 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-02-11 13:33 - 2015-01-12 03:02 - 02277888 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-02-11 13:33 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-02-11 13:33 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-02-11 13:33 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-02-11 13:33 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-02-11 13:33 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-02-11 13:33 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-02-11 13:33 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-02-11 13:33 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-02-11 13:33 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-02-11 13:33 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-02-11 13:33 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-02-11 13:33 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-02-11 13:33 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-02-11 13:33 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-02-11 13:33 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-02-11 13:33 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-02-11 13:33 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-02-11 13:33 - 2015-01-12 02:22 - 01155072 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-02-11 13:33 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-02-11 13:33 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-02-11 13:33 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-02-11 13:33 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-02-11 13:33 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-02-11 13:33 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-02-11 13:33 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-02-11 13:33 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-02-11 13:33 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-02-11 13:33 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-02-11 13:33 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-02-11 13:33 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-02-11 13:33 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-02-11 13:33 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-02-11 13:33 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-02-11 13:33 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-02-11 13:33 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-02-11 13:33 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\wdigest.dll 2015-02-11 13:33 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-02-11 13:33 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-02-11 13:32 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-02-11 13:32 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-02-11 13:32 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-02-11 13:32 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-02-11 13:32 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-02-11 13:32 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-02-11 13:32 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-02-11 13:32 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-02-11 13:32 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-02-11 13:32 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-02-11 13:32 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-02-11 13:32 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-02-11 13:32 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-02-11 13:32 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-02-11 13:32 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-02-11 13:32 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msobjs.dll 2015-02-11 13:32 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-02-11 13:32 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-02-11 13:32 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-02-11 13:32 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-02-11 13:32 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-02-11 13:32 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-02-11 13:32 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-02-11 13:32 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2015-02-11 13:31 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-02-11 13:31 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-02-11 13:31 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2015-02-11 13:29 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-02-11 13:29 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2015-02-11 13:26 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-02-11 13:26 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-02-11 13:26 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-02-11 13:26 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-02-11 13:26 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ntkrnlpa.exe 2015-02-11 13:26 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-02-11 13:26 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-02-11 13:26 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-02-11 12:55 - 2015-02-11 12:57 - 16838408 _____ (Tracker Software Products Ltd ) C:\Users\André\Downloads\PDFXVwer_2.5.312.1.exe 2015-02-11 12:07 - 2015-02-11 12:07 - 01128916 _____ (www.hellopdf.com ) C:\Users\André\Downloads\nw_33261_pdfwordsetupexe.exe 2015-02-11 11:30 - 2015-02-11 11:30 - 00000000 ____D () C:\Program Files (x86)\goodChoice 2015-02-11 11:30 - 2015-02-11 11:30 - 00000000 ____D () C:\Program Files (x86)\Color My SNS 2015-02-10 18:06 - 2015-02-10 18:06 - 00709564 _____ () C:\Users\André\Downloads\delfix_10.8.exe 2015-02-10 18:04 - 2015-02-10 18:05 - 01212872 _____ (Zugara Investments Limited ) C:\Users\André\Downloads\adwcleanerexe.exe 2015-02-10 14:54 - 2015-02-10 14:54 - 00621624 _____ () C:\Users\André\Downloads\SUPERAntiSpyware_CB-DL-Manager.exe 2015-02-09 21:41 - 2015-02-09 21:41 - 00000000 _____ () C:\autoexec.bat 2015-02-09 17:13 - 2015-02-10 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-02-09 17:13 - 2015-02-09 17:13 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2015-02-09 17:12 - 2015-02-10 14:42 - 00000000 ____D () C:\Program Files\CCleaner 2015-02-09 17:02 - 2015-02-09 17:04 - 02418464 _____ (Piriform Ltd) C:\Users\André\Downloads\ccsetup502.exe.opdownload 2015-02-09 15:23 - 2015-02-10 14:42 - 00000000 ____D () C:\Users\Public\Documents\Stronghold AntiMalware 2015-02-09 14:18 - 2015-02-18 23:07 - 00000000 ____D () C:\Windows\erdnt 2015-02-09 11:51 - 2015-02-09 11:51 - 06220854 _____ () C:\Users\André\Desktop\Neue Bitmap.bmp 2015-02-09 11:25 - 2015-02-10 14:43 - 00000000 ____D () 
C:\Users\André\AppData\Local\dashboardtxview64 2015-02-09 11:25 - 2015-02-09 11:25 - 00005012 _____ () C:\Windows\wauctla.InstallState 2015-02-09 11:25 - 2015-02-09 11:25 - 00000529 _____ () C:\Windows\wauctla.InstallLog 2015-02-08 15:09 - 2015-02-08 15:11 - 00000000 ____D () C:\Users\André\AppData\Roaming\FreeAudioEditor 2015-02-08 15:07 - 2015-02-08 15:08 - 03529672 _____ (DVDVideoSoft Ltd. ) C:\Users\André\Downloads\FreeAudioEditor.exe 2015-02-08 15:05 - 2015-02-10 14:43 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack 2015-02-08 15:00 - 2015-02-08 15:01 - 34792128 _____ (DVDVideoSoft Ltd. ) C:\Users\André\Downloads\FreeYouTubeToMP354Converter.exe 2015-02-08 11:44 - 2015-02-10 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nival 2015-02-08 11:44 - 2015-02-08 11:44 - 00000745 _____ () C:\Users\Public\Desktop\Prime World.lnk 2015-02-08 11:39 - 2015-02-08 11:39 - 15938760 _____ (Nival ) C:\Users\André\Downloads\PWSetup.exe 2015-02-04 15:27 - 2015-02-04 15:27 - 00000000 __SHD () C:\Users\André\AppData\Local\EmieBrowserModeList 2015-02-04 15:22 - 2015-02-04 15:22 - 00000000 ____D () C:\Users\André\AppData\Roaming\sparta123 2015-02-04 14:45 - 2015-02-04 14:45 - 00000000 ____D () C:\Windows\SysWOW64\controlfirmwareGUI 2015-02-04 12:52 - 2015-02-04 12:52 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 2015-02-04 11:05 - 2015-02-04 11:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-02-04 11:05 - 2015-02-04 11:05 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-02-04 11:05 - 2015-02-04 11:05 - 00000000 ____D () C:\Program Files\iTunes 2015-02-04 11:05 - 2015-02-04 11:05 - 00000000 ____D () C:\Program Files\iPod 2015-02-04 11:05 - 2015-02-04 11:05 - 00000000 ____D () C:\Program Files (x86)\iTunes 2015-02-04 10:59 - 2015-02-04 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2015-02-03 
23:29 - 2015-02-03 23:29 - 00002227 _____ () C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
2015-02-03 23:29 - 2015-02-03 23:29 - 00002215 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2015-02-03 23:29 - 2015-02-03 23:29 - 00002203 _____ () C:\Users\Public\Desktop\AVG PC TuneUp 2015.lnk
2015-02-03 23:29 - 2015-02-03 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015
2015-02-03 23:29 - 2014-11-24 12:48 - 00040248 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2015-02-03 23:29 - 2014-11-24 12:48 - 00029496 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2015-02-03 23:29 - 2014-11-24 12:48 - 00025400 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2015-02-02 12:42 - 2015-02-02 12:42 - 00000559 _____ () C:\Users\André\Downloads\qr_code.zip
2015-01-30 23:36 - 2015-01-30 23:36 - 00023760 _____ (Dell Computer Corporation) C:\Windows\system32\Drivers\DDDriver64Dcsa.sys
2015-01-30 23:36 - 2015-01-30 23:36 - 00023312 _____ (Dell Computer Corporation) C:\Windows\system32\Drivers\DellProf.sys
2015-01-30 10:23 - 2015-01-30 10:23 - 00296196 _____ () C:\Users\André\Downloads\Schraubenset für Apple iPhone 4
2015-01-23 11:30 - 2015-01-23 11:30 - 06381120 _____ (Tim Kosse) C:\Users\André\Downloads\FileZilla_3.10.0.2_win32-setup.exe
2015-01-20 23:07 - 2015-01-20 23:07 - 00152013 _____ () C:\Users\André\Desktop\html5blank-stable.zip
2015-01-20 23:05 - 2015-01-20 23:05 - 00128675 _____ () C:\Users\André\Downloads\html2wp.1.3.5.zip
2015-01-20 22:11 - 2015-02-10 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theme Hospital
2015-01-20 22:11 - 2015-01-20 22:11 - 00001523 _____ () C:\Users\Public\Desktop\Theme Hospital.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-19 13:04 - 2013-04-23 04:25 - 01863639 _____ () C:\Windows\WindowsUpdate.log 2015-02-19 13:02 - 2009-07-14 05:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-19 13:02 - 2009-07-14 05:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-19 12:55 - 2014-06-26 18:43 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-02-19 12:54 - 2013-04-23 12:00 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks 2015-02-19 12:54 - 2013-04-23 12:00 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks 2015-02-19 12:54 - 2013-04-23 11:55 - 00000000 ____D () C:\Program Files (x86)\AlienRespawn 2015-02-19 12:54 - 2013-04-23 11:45 - 00000000 ____D () C:\ProgramData\Bigfoot Networks 2015-02-19 12:53 - 2013-04-23 11:55 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-02-19 12:53 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-02-19 12:45 - 2013-04-23 11:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-02-18 23:11 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2015-02-18 23:07 - 2009-07-14 03:34 - 92274688 _____ () C:\Windows\system32\config\software.bak 2015-02-18 23:07 - 2009-07-14 03:34 - 25165824 _____ () C:\Windows\system32\config\system.bak 2015-02-18 23:07 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\default.bak 2015-02-18 23:07 - 2009-07-14 03:34 - 00061440 _____ () C:\Windows\system32\config\sam.bak 2015-02-18 23:07 - 2009-07-14 03:34 - 00024576 _____ () C:\Windows\system32\config\security.bak 2015-02-18 22:45 - 2013-04-27 21:25 - 00000000 ____D () C:\Users\André\AppData\Roaming\Skype 2015-02-18 22:43 - 2013-04-23 11:29 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-02-18 22:43 - 2013-04-23 11:29 - 00142512 _____ (Adobe Systems 
Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-02-18 22:43 - 2013-04-23 11:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-02-18 22:03 - 2013-04-27 20:01 - 00000000 ____D () C:\Program Files (x86)\Opera 2015-02-18 17:00 - 2013-04-28 13:42 - 00000000 ____D () C:\Users\André\AppData\Roaming\vlc 2015-02-18 16:44 - 2014-01-05 20:24 - 00000000 ____D () C:\Windows\WindowsMobile 2015-02-18 16:44 - 2013-06-20 17:21 - 00000000 ____D () C:\Users\André\Documents\VirtualDJ 2015-02-18 14:55 - 2014-12-02 19:18 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-02-18 14:55 - 2014-06-26 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-02-18 14:55 - 2014-06-26 18:35 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-02-18 14:24 - 2013-06-17 21:38 - 00000000 ____D () C:\Users\André\Desktop\dj 2015-02-18 13:18 - 2013-06-03 19:12 - 00003504 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask 2015-02-18 11:40 - 2014-11-29 11:02 - 00000000 ____D () C:\Users\André\Desktop\fun 2015-02-18 10:07 - 2013-04-27 22:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-02-18 10:06 - 2013-04-27 21:58 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-02-17 22:13 - 2014-03-15 11:57 - 00000000 ____D () C:\Users\André\AppData\Roaming\UseNeXT 2015-02-17 22:12 - 2014-03-17 22:22 - 00000000 ____D () C:\Users\André\Documents\UseNeXT 2015-02-17 10:04 - 2013-05-13 20:51 - 00000000 ____D () C:\Windows\1CE60928832549A88B06633E48DD2B67.TMP 2015-02-16 12:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2015-02-16 11:45 - 2013-04-28 15:47 - 00000000 ____D () C:\Users\André\Desktop\Eigenschaften 2015-02-16 11:43 - 2014-08-13 11:07 - 00000000 ____D () C:\Users\André\AppData\Roaming\Canon 2015-02-16 11:43 - 2014-08-13 11:00 - 00000000 ____D () C:\Program Files (x86)\Canon 2015-02-16 
10:53 - 2014-03-26 15:32 - 00000000 ____D () C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell 2015-02-16 10:53 - 2014-03-26 15:31 - 00000000 ____D () C:\Users\André\AppData\Local\Deployment 2015-02-16 10:52 - 2014-03-26 15:31 - 00417064 _____ () C:\Users\André\Downloads\DellSystemDetect.exe 2015-02-15 12:52 - 2010-11-21 07:50 - 00700794 _____ () C:\Windows\system32\perfh007.dat 2015-02-15 12:52 - 2010-11-21 07:50 - 00150400 _____ () C:\Windows\system32\perfc007.dat 2015-02-15 12:52 - 2009-07-14 06:13 - 01624426 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-02-12 19:42 - 2013-04-27 21:06 - 00001063 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-02-12 19:42 - 2013-04-27 21:06 - 00001051 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-02-12 19:42 - 2013-04-27 20:01 - 00000977 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-02-12 19:42 - 2013-04-27 20:01 - 00000965 _____ () C:\Users\Public\Desktop\Opera.lnk 2015-02-12 19:42 - 2013-04-26 10:10 - 00000997 _____ () C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-02-12 18:38 - 2014-06-15 21:37 - 00597344 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-02-12 18:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA 2015-02-12 18:36 - 2014-12-16 17:58 - 00000000 ____D () C:\Windows\system32\appraiser 2015-02-12 18:36 - 2014-05-08 11:26 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-02-12 17:00 - 2013-12-06 20:10 - 00001104 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2015-02-12 10:54 - 2013-06-15 16:57 - 00000000 ____D () C:\ProgramData\Package Cache 2015-02-12 10:45 - 2009-07-14 03:34 - 00000609 _____ () C:\Windows\win.ini 2015-02-12 10:44 - 2013-06-03 19:06 - 00002155 _____ () C:\Windows\epplauncher.mif 2015-02-12 10:44 - 2013-06-03 19:05 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft 
Security Essentials.lnk 2015-02-12 10:44 - 2013-06-03 19:05 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2015-02-12 10:44 - 2013-06-03 19:05 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2015-02-12 10:35 - 2013-09-25 15:24 - 00000000 ____D () C:\Windows\system32\MRT 2015-02-12 10:25 - 2013-09-25 15:24 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-02-11 13:43 - 2013-06-03 19:12 - 00004064 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask 2015-02-11 13:43 - 2013-06-03 19:12 - 00003242 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest 2015-02-11 13:42 - 2013-04-23 12:00 - 00000000 ____D () C:\Program Files\AlienAutopsy 2015-02-11 13:42 - 2013-04-23 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alienware 2015-02-11 13:42 - 2013-04-23 11:48 - 00000000 ____D () C:\Program Files\Alienware 2015-02-10 23:04 - 2014-01-25 23:15 - 00000000 ____D () C:\Users\André\Desktop\Schule 2015-02-10 22:59 - 2013-08-13 21:16 - 00000000 ____D () C:\Users\André\Desktop\HVH 2015-02-10 22:56 - 2014-09-18 21:43 - 00000000 ____D () C:\Users\André\Desktop\HTML 2015-02-10 22:55 - 2013-04-28 14:01 - 00000000 ____D () C:\Users\André\Desktop\Ipod 2015-02-10 17:18 - 2014-01-17 13:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sport-DJ 2015-02-10 14:49 - 2013-04-26 10:07 - 00000000 ____D () C:\Users\André 2015-02-10 14:43 - 2015-01-06 13:02 - 00000000 ____D () C:\Windows\system32\AGEIA 2015-02-10 14:43 - 2015-01-06 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AGEIA 2015-02-10 14:43 - 2015-01-06 13:01 - 00000000 ____D () C:\Windows\SysWOW64\AGEIA 2015-02-10 14:43 - 2015-01-06 13:01 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2015-02-10 14:43 - 2014-12-27 17:39 - 00000000 ____D () C:\Users\André\AppData\Local\PokerStars.EU 2015-02-10 14:43 - 2014-12-27 17:35 - 00000000 ____D () C:\Program Files 
(x86)\PokerStars.EU 2015-02-10 14:43 - 2014-03-10 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dynamics 2015-02-10 14:43 - 2014-03-10 22:34 - 00000000 ____D () C:\Program Files (x86)\Dynamics 2015-02-10 14:43 - 2014-02-17 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-02-10 14:43 - 2014-01-17 13:53 - 00000000 ____D () C:\Program Files\Sport_DJ 2015-02-10 14:43 - 2014-01-16 20:51 - 00000000 ____D () C:\Program Files (x86)\Preh 2015-02-10 14:43 - 2013-09-15 20:33 - 00000000 ____D () C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool 2015-02-10 14:43 - 2013-09-15 20:33 - 00000000 ____D () C:\Users\André\AppData\Local\Apps\Windows 7 USB DVD Download Tool 2015-02-10 14:43 - 2013-09-05 17:09 - 00000000 ____D () C:\ProgramData\PMB Files 2015-02-10 14:43 - 2013-06-21 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-02-10 14:43 - 2013-06-21 21:32 - 00000000 ____D () C:\Users\André\AppData\Roaming\DVDVideoSoft 2015-02-10 14:43 - 2013-06-21 21:32 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft 2015-02-10 14:43 - 2013-06-20 13:54 - 00000000 ____D () C:\ProgramData\Netzmanager 2015-02-10 14:43 - 2013-05-11 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verbindungsassistent 2015-02-10 14:43 - 2013-05-11 19:50 - 00000000 ____D () C:\Program Files (x86)\Verbindungsassistent 2015-02-10 14:43 - 2013-04-27 22:01 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2015-02-10 14:43 - 2013-04-23 11:44 - 00000000 ____D () C:\Program Files (x86)\ST Microelectronics 2015-02-10 14:43 - 2013-04-23 11:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-02-10 14:43 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-02-10 14:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat 
2015-02-10 14:42 - 2013-04-27 22:56 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2015-02-10 14:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration 2015-02-10 14:41 - 2013-08-26 19:00 - 00000000 ____D () C:\Users\André\AppData\Roaming\TeamViewer 2015-02-10 14:41 - 2013-04-27 21:50 - 00000000 ____D () C:\Users\André\AppData\Roaming\DAEMON Tools Lite 2015-02-10 14:39 - 2013-09-05 17:09 - 00000000 ____D () C:\Program Files (x86)\Pando Networks 2015-02-10 14:39 - 2013-04-28 11:05 - 00000000 ____D () C:\Games 2015-02-10 14:39 - 2013-04-27 21:58 - 00000000 ___RD () C:\MSOCache 2015-02-09 17:20 - 2013-08-15 10:55 - 00000000 ____D () C:\Users\André\AppData\Roaming\FileZilla 2015-02-09 14:55 - 2013-08-12 20:22 - 00000000 ____D () C:\Users\Andr� 2015-02-09 13:13 - 2013-05-28 00:11 - 00000000 ____D () C:\Windows\de 2015-02-04 14:27 - 2014-03-10 22:36 - 00000000 ____D () C:\Users\André\Desktop\Laser 2015-02-04 11:05 - 2013-04-27 21:03 - 00000000 ____D () C:\Program Files\Common Files\Apple 2015-01-28 11:51 - 2013-08-15 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2015-01-28 11:51 - 2013-08-15 10:55 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client 2015-01-27 11:59 - 2013-05-15 06:47 - 00000000 ____D () C:\Program Files (x86)\Origin 2015-01-23 11:30 - 2014-11-30 15:30 - 00000000 ____D () C:\Users\André\Desktop\Neuer Ordner 2015-01-20 22:10 - 2013-05-15 06:49 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2015-01-20 22:09 - 2013-05-15 06:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin ==================== Files in the root of some directories ======= 2013-12-02 23:26 - 2013-12-02 23:26 - 0010020 _____ () C:\Users\André\AppData\Local\CleanupUninstall.txt 2014-07-04 15:47 - 2014-07-04 15:47 - 0003584 _____ () C:\Users\André\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-07-11 10:33 - 2014-07-11 10:33 - 2359296 _____ (laboratorio) 
C:\Users\André\AppData\Local\hrbug.exe 2014-12-03 10:51 - 2014-12-03 10:51 - 0002102 _____ () C:\Users\André\AppData\Local\recently-used.xbel 2015-02-15 21:13 - 2015-02-15 21:13 - 0007618 _____ () C:\Users\André\AppData\Local\Resmon.ResmonCfg 2014-07-11 15:06 - 2014-07-11 15:06 - 2056192 _____ (atracan) C:\Users\André\AppData\Local\wngofv.exe 2014-09-14 19:28 - 2014-09-14 19:28 - 0000057 _____ () C:\ProgramData\Ament.ini Some content of TEMP: ==================== C:\Users\André\AppData\Local\Temp\Quarantine.exe C:\Users\André\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-13 01:01 ==================== End Of Log ============================
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01 Ran by André at 2015-02-19 13:10:12 Running from C:\Users\André\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.108 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd) Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden AGEIA PhysX v7.03.21 (HKLM-x32\...\{85EBB283-65AF-4C53-9EBE-7C0A232762F7}) (Version:
7.03.21 - AGEIA Technologies, Inc.) AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Alienware) AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Alienware) Alienware Command Center (HKLM-x32\...\InstallShield_{FD1AE10F-163C-4D4B-9FCE-AC667AF1DC6E}) (Version: 2.8.8.0 - Alienware Corp.) Alienware Command Center (Version: 2.8.8.0 - Alienware Corp.) Hidden Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.32.0.2C - ) Alienware On-Screen Display (x32 Version: 0.32.0.2C - ) Hidden Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Artisteer 4 (HKLM-x32\...\Artisteer 4) (Version: 4.1 - Extensoft) AutoBinarySEA (HKLM-x32\...\{78A20C59-1EE7-42EA-B9D7-A764FB341150}) (Version: 2.2.5170.26769 - AutoBinarySEA DE) AVG PC TuneUp 2015 (de-DE) (x32 Version: 15.0.1001.238 - AVG Technologies) Hidden AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.238 - AVG Technologies) AVG PC TuneUp 2015 (x32 Version: 15.0.1001.238 - AVG Technologies) Hidden Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Bitcoin (HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Bitcoin) (Version: 0.8.6 - Bitcoin project) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision) Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden Canon MP Navigator 3.1 (HKLM-x32\...\MP Navigator 3.1) (Version: - ) Canon MP140 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series) (Version: - ) Canon MP140 series Benutzerregistrierung (HKLM-x32\...\Canon MP140 series Benutzerregistrierung) (Version: - ) Canon Utilities Easy-LayoutPrint (HKLM-x32\...\Easy-LayoutPrint) (Version: - ) Canon Utilities Easy-PhotoPrint (HKLM-x32\...\Easy-PhotoPrint) (Version: - ) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4255 - CDBurnerXP) Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.52 - Dell) Dell System Detect - 1 (HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\73f463568823ebbe) (Version: 5.14.0.9 - Dell) Dell System Detect (HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\9204f5692a8faf3b) (Version: 5.6.0.4 - Dell) DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) Die Siedler - Aufbruch der Kulturen (HKLM-x32\...\SADK) (Version: - ) DJ Intro version 1.1.2 (HKLM-x32\...\{36625871-9D4B-4046-A837-677974F51CAC}_is1) (Version: 1.1.2 - Serato Audio Research) DJI driver version 2.02 (HKLM-x32\...\{EDFDE5EE-84C7-4936-804C-6563943E5754}_is1) (Version: 2.02 - DJI) DJI iOSD Assistant version 4.0 (HKLM-x32\...\{8CA48822-4CC7-40FE-9F4E-1BDC314F58F3}_is1) (Version: 4.0 - DJI) DJI WookongM Assistant version 2.04 (HKLM-x32\...\{FAA9FD58-F448-44C9-A850-CE9744A465A3}_is1) (Version: 2.04 
- DJI) Dota 2 Test (HKLM-x32\...\Steam App 205790) (Version: - ) DYNAMICS Demoversion, Version: 30.4.2013 (HKLM-x32\...\DYNAMICS_is1) (Version: - ) Empire Earth III (HKLM-x32\...\{B17E235C-7A3B-4482-B650-21FFDE1D452E}) (Version: 1.00.0000 - Sierra Entertainment) EMSC (x32 Version: 0.0.0.22C - Compal Electronics, Inc.) Hidden Euro Truck Simulator 1.3 (HKLM-x32\...\Euro Truck Simulator) (Version: 1.3 - SCS Software) Event Music Machine 1.1.6 (HKLM-x32\...\Event Music Machine) (Version: 1.1.6 - Christoph Krämer) EventSoundControl (HKLM-x32\...\9B96C7FA-95B6-40BD-859A-46C15A64EBDB) (Version: 2.1.32 - clearsounds.de - Medienagentur) FileZilla Client 3.10.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.0.2 - Tim Kosse) Firstload (HKLM-x32\...\Firstload) (Version: - Lumaris.net) Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Free Audio Editor version 1.0.8.128 (HKLM-x32\...\Free Audio Editor_is1) (Version: 1.0.8.128 - DVDVideoSoft Ltd.) Free Video Flip and Rotate version 2.1.9.827 (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 2.1.9.827 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.) 
Gameforge Live 1.6.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.6.0 - Gameforge) GeoGebra 4.2 (HKLM-x32\...\GeoGebra 4.2) (Version: 4.2.55.0 - International GeoGebra Institute) GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) Google Update Helper (x32 Version: 1.3.23.0 - SaveSense) Hidden <==== ATTENTION Grand Theft Auto IV - Episodes From Liberty City (HKLM-x32\...\{8ED35B48-AFBD-4F32-8271-2257AD8B907E}_is1) (Version: - ) HD2 Toolkit Version 4.3 (HKLM-x32\...\{12EE0B2A-84C6-494E-A7AC-6771E898F6A0}_is1) (Version: 4.3 - Kaushal Subedi (KSubedi)) Hot Jingle Player V1.1 (HKLM-x32\...\Hot Jingle Player_is1) (Version: - Koyote Soft) HP ePrint (HKLM-x32\...\{2794875B-6CCF-48B8-84A5-5B10DB98BEE6}) (Version: 14.0.14176.1823 - Hewlett-Packard) HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{9086D601-50B7-491D-A143-28193DADE36B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet 6700 Hilfe (HKLM-x32\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Integrated Webcam Live! Central (HKLM-x32\...\Integrated Webcam Live! 
Central) (Version: 2.01.15 - Creative Technology Ltd) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan) iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.) Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle) Java 8 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218005FF}) (Version: 8.0.50 - Oracle Corporation) Java SE Development Kit 7 Update 21 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170210}) (Version: 1.7.0.210 - Oracle) Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Lumac (HKLM-x32\...\InstallShield_{5DE11949-2B11-4F13-BAD5-1C237122CFDB}) (Version: 1.1.86.0 - Firstload) Lumac (x32 Version: 1.1.86.0 - Firstload) Hidden MAGIX Screenshare (HKLM-x32\...\{AAE31374-02C2-452E-88EC-2F16D92731A9}) (Version: 4.3.6.1987 - MAGIX AG) MAGIX Video deluxe 17 Premium Download-Version (HKLM-x32\...\MAGIX_MSI_Videodeluxe17_premium) (Version: 10.0.0.32 - MAGIX AG) MAGIX Video deluxe 17 Premium Download-Version (x32 Version: 10.0.0.32 - MAGIX AG) Hidden Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Michas Jingle-Player (HKLM-x32\...\Michas Jingle-Player) (Version: - 
) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Games for Windows - LIVE (HKLM-x32\...\{A1C962E2-2426-49C6-A38B-9A07E40D607C}) (Version: 3.2.217.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) 
(HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft WSE 3.0 Runtime 
(HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden NVIDIA 3D Vision Treiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation) NVIDIA GeForce Experience 1.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6 - NVIDIA Corporation) NVIDIA Grafiktreiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation) NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation) NVIDIA Virtual Audio 1.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.1 - NVIDIA Corporation) OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA) Opera Stable 27.0.1689.69 (HKLM-x32\...\Opera 27.0.1689.69) (Version: 27.0.1689.69 - Opera Software ASA) Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - 
Electronic Arts, Inc.) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.) PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer) Pioneer DDJ_SB Driver (HKLM-x32\...\Pioneer DDJ_SB ASIO) (Version: 1.000.000.002 - Pioneer Corporation.) PIXMA Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - ) PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu) Prime World Version 10.1 (HKLM-x32\...\{F6F3C462-2729-4555-8A95-CC317A90F8FF}_is1) (Version: 10.1 - Nival) ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) Qualcomm Atheros Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.304 - Qualcomm Atheros) Qualcomm Atheros Killer Network Manager (Version: 6.1.0.304 - Qualcomm Atheros) Hidden QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.) RCT3 Soaked (HKLM-x32\...\{EA926717-CE5A-4CB4-AB21-9E6E9565A458}) (Version: 1.00.000 - ) RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software) RollerCoaster Tycoon® 3 (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - ) ScanSoft OmniPage SE 4 (HKLM-x32\...\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}) (Version: 15.2.0020 - Nuance Communications, Inc.) 
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SHIELD Streaming (Version: 1.05.19 - NVIDIA Corporation) Hidden Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Sound Blaster Recon3Di (HKLM-x32\...\{C8AAFCDC-CD3A-40AD-9FA9-07FB70F08224}) (Version: 1.00.08 - Creative Technology Limited) Sound Blaster Recon3Di Extras (HKLM-x32\...\{C45E715E-442E-4D82-BD46-A08A0870957C}) (Version: 1.0 - Creative Technology Limited) ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0018 - ST Microelectronics) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Sublime Text 2.0.1 (HKLM\...\Sublime Text 2_is1) (Version: - ) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.4.0 - Synaptics Incorporated) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.38846 - TeamViewer) Terraria (HKLM-x32\...\Steam App 105600) (Version: - ) The Polynomial (HKLM-x32\...\Steam App 67000) (Version: - Dmytry Lavrov) Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts) TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.) 
Verbindungsassistent (HKLM-x32\...\Verbindungsassistent) (Version: 3.1 - Verbindungsassistent) Version 1.01 (HKLM-x32\...\Sport-DJ_is1) (Version: - ) VirtualDJ PRO Full (HKLM-x32\...\{C515E2A3-4878-4C85-A519-52630C7AB08B}) (Version: 7.3 - Atomix Productions) VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP) WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2410 - Broadcom Corporation) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) Windows-Treiberpaket - dji-innovations inc. (usbser) Ports (01/19/2011 5.1.2600.5512) (HKLM\...\2DC11E587B8BA912FF8FD5433B426EE46F8E22DD) (Version: 01/19/2011 5.1.2600.5512 - dji-innovations inc.) Windows-Treiberpaket - dji-innovations inc. (usbser) Ports (12/06/2012 5.1.2600.5512) (HKLM\...\F731C4A8B354FB9B7579C5D98402D2F988E8B95C) (Version: 12/06/2012 5.1.2600.5512 - dji-innovations inc.) Windows-Treiberpaket - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9) (Version: 10/22/2009 2.06.00 - FTDI) Windows-Treiberpaket - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\88EB56038379B8B7DCFB4D2448A60F52E064B265) (Version: 10/22/2009 2.06.00 - FTDI) WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
CustomCLSID: HKU\S-1-5-21-829858747-3269657560-2013248277-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-829858747-3269657560-2013248277-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-829858747-3269657560-2013248277-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-829858747-3269657560-2013248277-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= Check "winmgmt" service or repair WMI. ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {1A421F24-ECBE-44BD-8A67-49F8E2E5443E} - \Plus-HD-2.2-chromeinstaller No Task File <==== ATTENTION Task: {27017224-F39A-4087-8D7B-D52A46593676} - System32\Tasks\{3DFD8CA4-D792-4563-A4F5-A7493E9AC83B} => pcalua.exe -a C:\Users\André\Downloads\tjingle-3.5-setup.exe -d C:\Users\André\Downloads Task: {27E6A499-3DEB-4672-B823-8A714B1D6187} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Alienware\SupportAssist\sessionchecker.exe [2015-02-03] (PC-Doctor, Inc.) 
Task: {3C469C1B-140C-4D17-881C-F197EA405FF8} - System32\Tasks\{41821B90-9332-4FC0-8E38-6FB4B46E873C} => pcalua.exe -a "C:\Users\André\Downloads\mp140swin64106ea24 (1).exe" -d C:\Users\André\Downloads Task: {3F7E5641-C08A-4F58-BBF6-12D0CEB8E023} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {4A3A143C-2D3C-4820-839B-E683FA90F25A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {4F026846-FCB2-4C8B-A567-4D06572BBFDA} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Alienware\SupportAssist\uaclauncher.exe [2015-02-03] (PC-Doctor, Inc.) Task: {5537F832-4365-4C86-A14B-282F6D8890D7} - \Plus-HD-2.2-codedownloader No Task File <==== ATTENTION Task: {574111F7-9E9D-4B95-8DB7-039BDC40F840} - System32\Tasks\SSBkgdUpdate => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.) Task: {582C1351-0A8B-400A-B5D6-FB758ABB587F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {61317184-1406-4FAE-A386-08849785BFB2} - System32\Tasks\Opera scheduled Autoupdate 1424293363 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-10] (Opera Software) Task: {6142C201-7FF1-47E7-9BD3-5D6139C180F4} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {67D681BF-1F42-4936-BD6D-ECAF37F35EFC} - \GPUP No Task File <==== ATTENTION Task: {82C24D58-0C6E-45E6-BCBC-22F70E95B731} - \Plus-HD-2.2-updater No Task File <==== ATTENTION Task: {9EBEE2CA-8B1C-43E3-81F6-57A80C570466} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {A1992B46-7C93-4458-89FE-C61CA4C00196} - System32\Tasks\PCDoctorBackgroundMonitorTask-Delay => C:\Program Files\Alienware\SupportAssist\uaclauncher.exe [2015-02-03] (PC-Doctor, Inc.) Task: {A285A914-CAD2-4ED6-AA85-2BACA9F0422E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {D83784FE-4D3D-4FAC-B465-D5470EE51D1F} - \Plus-HD-2.2-firefoxinstaller No Task File <==== ATTENTION Task: {DBF47455-4FA1-4DF3-908B-FADDD23A3D61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-18] (Adobe Systems Incorporated) Task: {E2DBF902-BBA1-4C1C-8A06-163F1936054A} - \Eakona Update No Task File <==== ATTENTION Task: {E39AF135-E724-439F-9EBF-0CB270B4483E} - System32\Tasks\{C4638735-56DF-4771-9A6E-2F9B249DF107} => pcalua.exe -a E:\iShowII_EN\instmsiw.exe -d E:\iShowII_EN Task: {ECCFDDB6-B8BA-4ABB-B9CD-01020EA1E7BE} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {EE7CC445-5949-46EA-89BC-3DFCF65E3711} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2014-11-24] (AVG Technologies) Task: {F21E8D83-0DC6-441E-8DD1-3D7C37C5662C} - \Plus-HD-2.2-enabler No Task File <==== ATTENTION Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============== 2013-04-23 11:54 - 2013-06-21 11:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-02-09 11:25 - 2015-02-09 11:25 - 00211968 _____ () 
C:\Users\André\AppData\Local\dashboardtxview64\dashboardtxview64.exe 2015-02-16 11:43 - 2006-11-10 07:12 - 00099936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2013-08-02 13:05 - 2013-07-27 09:48 - 00267040 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libzmq.dll 2013-04-27 20:12 - 2007-09-02 12:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe 2012-02-15 20:37 - 2012-02-15 20:37 - 00549888 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe 2011-05-10 01:46 - 2011-05-10 01:46 - 02760192 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtCore4.dll 2011-05-10 01:56 - 2011-05-10 01:56 - 09856000 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtGui4.dll 2011-05-10 01:48 - 2011-05-10 01:48 - 00990720 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtNetwork4.dll 2011-05-10 01:47 - 2011-05-10 01:47 - 00416256 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtXml4.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00217600 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\BFCommon.dll 2011-05-10 17:32 - 2011-05-10 17:32 - 00731648 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\qwt5.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00404992 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modApplications.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00036864 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modFeatures.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00025088 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modFraps.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00241152 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modGraph.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00062464 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modlcd.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 
00289280 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modNetwork.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00184832 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modNpu.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00210944 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modOptions.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00055808 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modOverview.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00329216 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modSystemInfo.dll 2012-02-15 20:37 - 2012-02-15 20:37 - 00492032 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe 2014-11-24 12:48 - 2014-11-24 12:48 - 00713528 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll 2013-05-11 19:50 - 2010-11-18 12:09 - 00330696 _____ () C:\Program Files (x86)\Verbindungsassistent\WTGService.exe 2013-04-23 11:55 - 2012-01-27 03:49 - 02751808 ____N () C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE 2014-11-24 12:49 - 2014-11-24 12:49 - 00856888 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll 2015-02-09 11:25 - 2015-02-09 11:25 - 00451072 _____ () C:\Users\André\AppData\Local\dashboardtxview64\firmwarekernelUI.exe 2015-02-04 14:45 - 2015-01-19 13:29 - 00083456 _____ () C:\Windows\SysWOW64\controlfirmwareGUI\controlfirmwareGUI.exe 2014-12-08 11:10 - 2014-12-08 11:10 - 00102176 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2011-03-04 11:49 - 2011-03-04 11:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll 2013-04-27 20:12 - 2007-09-02 12:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll 2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-02-09 11:25 - 2014-07-08 09:22 - 00095232 
_____ () C:\Users\André\AppData\Local\dashboardtxview64\qjson0.dll 2014-10-16 18:21 - 2014-10-16 18:21 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\712c383e9837b8c37b3107f22be9455c\PSIClient.ni.dll 2013-04-23 11:41 - 2012-02-01 23:44 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:373E1720 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-829858747-3269657560-2013248277-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\André\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.2.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) 
==================== Accounts: ============================= Administrator (S-1-5-21-829858747-3269657560-2013248277-500 - Administrator - Disabled) André (S-1-5-21-829858747-3269657560-2013248277-1001 - Administrator - Enabled) => C:\Users\André Gast (S-1-5-21-829858747-3269657560-2013248277-501 - Limited - Disabled) UpdatusUser (S-1-5-21-829858747-3269657560-2013248277-1000 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= Name: Cisco Systems VPN Adapter for 64-bit Windows Description: Cisco Systems VPN Adapter for 64-bit Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: CVirtA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (02/19/2015 01:10:14 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80040154, Klasse nicht registriert . 
Vorgang: Für die Sicherung initialisieren Error: (02/19/2015 01:10:14 PM) (Source: VSS) (EventID: 22) (User: ) Description: Fehler im Volumenschattenkopie-Dienst: Eine vom Volumenschattenkopie-Dienst benötigte kritische Komponente ist nicht registriert. Dies kann geschehen, wenn bei der Windows-Installation oder bei der Installation eines Schattenkopieanbieters ein Fehler aufgetreten ist. Der von CoCreateInstance für die Klasse mit CLSID "{f5078f32-c551-11d3-89b9-0000f81fe221}" und dem Namen "MSXML30" zurückgegebene Fehler ist [0x80040154, Klasse nicht registriert ]. Vorgang: Für die Sicherung initialisieren System errors: ============= Microsoft Office Sessions: ========================= Error: (02/19/2015 01:10:14 PM) (Source: VSS) (EventID: 8193) (User: ) Description: CoCreateInstance0x80040154, Klasse nicht registriert Vorgang: Für die Sicherung initialisieren Error: (02/19/2015 01:10:14 PM) (Source: VSS) (EventID: 22) (User: ) Description: {f5078f32-c551-11d3-89b9-0000f81fe221}MSXML300x80040154, Klasse nicht registriert Vorgang: Für die Sicherung initialisieren CodeIntegrity Errors: =================================== Date: 2015-02-18 23:05:46.082 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-02-18 23:05:46.061 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-02-09 14:33:54.015 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-02-09 14:33:53.992 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-10 15:52:51.094 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\ Malwarebytes Anti-Malware \mbampt.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-10 15:52:51.062 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\ Malwarebytes Anti-Malware \mbampt.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-3740QM CPU @ 2.70GHz Percentage of memory in use: 22% Total physical RAM: 12170.31 MB Available physical RAM: 9428.6 MB Total Pagefile: 24338.8 MB Available Pagefile: 21335.36 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:494.55 GB) (Free:202.96 GB) NTFS Drive d: (DATAPART1) (Fixed) (Total:29.81 GB) (Free:28.38 GB) NTFS Drive f: (Musik) (Fixed) (Total:195.31 GB) (Free:76.78 GB) NTFS Drive h: (RCT3_WILD) (CDROM) (Total:0.64 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 698.6 GB) (Disk ID: B55A8670) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=8.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=494.5 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=195.3 GB) - (Type=OF Extended) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 29.8 GB) (Disk ID: B55ABA8A) Partition 1: (Not Active) - (Size=29.8 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
19.02.2015, 14:02 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | edealspop and n10.adshostnet.com/ads? are bothering me while browsing
FRST fix
Please disable your virus scanner completely now, to make sure that the fix runs through cleanly!
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-829858747-3269657560-2013248277-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [S-1-5-21-829858747-3269657560-2013248277-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-829858747-3269657560-2013248277-1001] => http=127.0.0.1:11433
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-829858747-3269657560-2013248277-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-829858747-3269657560-2013248277-1001 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP1BC61AB6-8239-4498-93FC-3138718BE3AD&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-829858747-3269657560-2013248277-1001 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
BHO: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
S2 4188b5b6; c:\Program Files (x86)\DealDragon\HotDealsa.dll [4246528 2014-11-22] () [File not signed]
S2 serveras; C:\Users\André\AppData\Roaming\ASPackage\ASSrv.exe [X]
Task: {1A421F24-ECBE-44BD-8A67-49F8E2E5443E} - \Plus-HD-2.2-chromeinstaller No Task File <==== ATTENTION
Task: {27017224-F39A-4087-8D7B-D52A46593676} - System32\Tasks\{3DFD8CA4-D792-4563-A4F5-A7493E9AC83B} => pcalua.exe -a C:\Users\André\Downloads\tjingle-3.5-setup.exe -d C:\Users\André\Downloads
Task: {27E6A499-3DEB-4672-B823-8A714B1D6187} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Alienware\SupportAssist\sessionchecker.exe [2015-02-03] (PC-Doctor, Inc.)
Task: {3C469C1B-140C-4D17-881C-F197EA405FF8} - System32\Tasks\{41821B90-9332-4FC0-8E38-6FB4B46E873C} => pcalua.exe -a "C:\Users\André\Downloads\mp140swin64106ea24 (1).exe" -d C:\Users\André\Downloads
Task: {5537F832-4365-4C86-A14B-282F6D8890D7} - \Plus-HD-2.2-codedownloader No Task File <==== ATTENTION
Task: {67D681BF-1F42-4936-BD6D-ECAF37F35EFC} - \GPUP No Task File <==== ATTENTION
Task: {82C24D58-0C6E-45E6-BCBC-22F70E95B731} - \Plus-HD-2.2-updater No Task File <==== ATTENTION
Task: {D83784FE-4D3D-4FAC-B465-D5470EE51D1F} - \Plus-HD-2.2-firefoxinstaller No Task File <==== ATTENTION
Task: {E2DBF902-BBA1-4C1C-8A06-163F1936054A} - \Eakona Update No Task File <==== ATTENTION
Task: {E39AF135-E724-439F-9EBF-0CB270B4483E} - System32\Tasks\{C4638735-56DF-4771-9A6E-2F9B249DF107} => pcalua.exe -a E:\iShowII_EN\instmsiw.exe -d E:\iShowII_EN
Task: {F21E8D83-0DC6-441E-8DD1-3D7C37C5662C} - \Plus-HD-2.2-enabler No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
C:\Users\André\AppData\Roaming\ASPackage
c:\Program Files (x86)\DealDragon
EmptyTemp:
Hosts:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ Please always post log files in CODE tags |
19.02.2015, 14:31 | #11 |
| edealspop and n10.adshostnet.com/ads? are bothering me while browsing
Fixlog:
Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-02-2015 01 Ran by André at 2015-02-19 14:26:33 Run:1 Running from C:\Users\André\Desktop Loaded Profiles: UpdatusUser & André (Available profiles: UpdatusUser & André) Boot Mode: Normal ============================================== Content of fixlist: ***************** GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKU\S-1-5-21-829858747-3269657560-2013248277-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION ProxyEnable: [S-1-5-21-829858747-3269657560-2013248277-1001] => Internet Explorer proxy is enabled. ProxyServer: [S-1-5-21-829858747-3269657560-2013248277-1001] => http=127.0.0.1:11433 SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-829858747-3269657560-2013248277-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-829858747-3269657560-2013248277-1001 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP1BC61AB6-8239-4498-93FC-3138718BE3AD&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-829858747-3269657560-2013248277-1001 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms} BHO: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File 
S2 4188b5b6; c:\Program Files (x86)\DealDragon\HotDealsa.dll [4246528 2014-11-22] () [File not signed] S2 serveras; C:\Users\André\AppData\Roaming\ASPackage\ASSrv.exe [X] Task: {1A421F24-ECBE-44BD-8A67-49F8E2E5443E} - \Plus-HD-2.2-chromeinstaller No Task File <==== ATTENTION Task: {27017224-F39A-4087-8D7B-D52A46593676} - System32\Tasks\{3DFD8CA4-D792-4563-A4F5-A7493E9AC83B} => pcalua.exe -a C:\Users\André\Downloads\tjingle-3.5-setup.exe -d C:\Users\André\Downloads Task: {27E6A499-3DEB-4672-B823-8A714B1D6187} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Alienware\SupportAssist\sessionchecker.exe [2015-02-03] (PC-Doctor, Inc.) Task: {3C469C1B-140C-4D17-881C-F197EA405FF8} - System32\Tasks\{41821B90-9332-4FC0-8E38-6FB4B46E873C} => pcalua.exe -a "C:\Users\André\Downloads\mp140swin64106ea24 (1).exe" -d C:\Users\André\Downloads Task: {5537F832-4365-4C86-A14B-282F6D8890D7} - \Plus-HD-2.2-codedownloader No Task File <==== ATTENTION Task: {67D681BF-1F42-4936-BD6D-ECAF37F35EFC} - \GPUP No Task File <==== ATTENTION Task: {82C24D58-0C6E-45E6-BCBC-22F70E95B731} - \Plus-HD-2.2-updater No Task File <==== ATTENTION Task: {D83784FE-4D3D-4FAC-B465-D5470EE51D1F} - \Plus-HD-2.2-firefoxinstaller No Task File <==== ATTENTION Task: {E2DBF902-BBA1-4C1C-8A06-163F1936054A} - \Eakona Update No Task File <==== ATTENTION Task: {E39AF135-E724-439F-9EBF-0CB270B4483E} - System32\Tasks\{C4638735-56DF-4771-9A6E-2F9B249DF107} => pcalua.exe -a E:\iShowII_EN\instmsiw.exe -d E:\iShowII_EN Task: {F21E8D83-0DC6-441E-8DD1-3D7C37C5662C} - \Plus-HD-2.2-enabler No Task File <==== ATTENTION AlternateDataStreams: C:\ProgramData\TEMP:373E1720 C:\Users\André\AppData\Roaming\ASPackage c:\Program Files (x86)\DealDragon EmptyTemp: Hosts: ***************** C:\Windows\system32\GroupPolicy\Machine => Moved successfully. C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. 
"HKU\S-1-5-21-829858747-3269657560-2013248277-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. HKU\S-1-5-21-829858747-3269657560-2013248277-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully. HKU\S-1-5-21-829858747-3269657560-2013248277-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully. HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-21-829858747-3269657560-2013248277-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-21-829858747-3269657560-2013248277-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL => value deleted successfully. HKU\S-1-5-21-829858747-3269657560-2013248277-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON => value deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}" => Key deleted successfully. HKCR\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => Key not found. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully. HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key deleted successfully. HKCR\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} => Key not found. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => Key deleted successfully. 
HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => Key not found. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}" => Key deleted successfully. HKCR\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => Key not found. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully. HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found. 4188b5b6 => Service deleted successfully. serveras => Service deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1A421F24-ECBE-44BD-8A67-49F8E2E5443E}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A421F24-ECBE-44BD-8A67-49F8E2E5443E}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-2.2-chromeinstaller" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{27017224-F39A-4087-8D7B-D52A46593676}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27017224-F39A-4087-8D7B-D52A46593676}" => Key deleted successfully. C:\Windows\System32\Tasks\{3DFD8CA4-D792-4563-A4F5-A7493E9AC83B} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3DFD8CA4-D792-4563-A4F5-A7493E9AC83B}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{27E6A499-3DEB-4672-B823-8A714B1D6187}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27E6A499-3DEB-4672-B823-8A714B1D6187}" => Key deleted successfully. C:\Windows\System32\Tasks\PCDEventLauncherTask => Moved successfully. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDEventLauncherTask" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3C469C1B-140C-4D17-881C-F197EA405FF8}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C469C1B-140C-4D17-881C-F197EA405FF8}" => Key deleted successfully. C:\Windows\System32\Tasks\{41821B90-9332-4FC0-8E38-6FB4B46E873C} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{41821B90-9332-4FC0-8E38-6FB4B46E873C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5537F832-4365-4C86-A14B-282F6D8890D7}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5537F832-4365-4C86-A14B-282F6D8890D7}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-2.2-codedownloader" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{67D681BF-1F42-4936-BD6D-ECAF37F35EFC}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67D681BF-1F42-4936-BD6D-ECAF37F35EFC}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GPUP" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{82C24D58-0C6E-45E6-BCBC-22F70E95B731}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82C24D58-0C6E-45E6-BCBC-22F70E95B731}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-2.2-updater" => Key deleted successfully. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D83784FE-4D3D-4FAC-B465-D5470EE51D1F}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D83784FE-4D3D-4FAC-B465-D5470EE51D1F}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-2.2-firefoxinstaller" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2DBF902-BBA1-4C1C-8A06-163F1936054A}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2DBF902-BBA1-4C1C-8A06-163F1936054A}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Eakona Update" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E39AF135-E724-439F-9EBF-0CB270B4483E}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E39AF135-E724-439F-9EBF-0CB270B4483E}" => Key deleted successfully. C:\Windows\System32\Tasks\{C4638735-56DF-4771-9A6E-2F9B249DF107} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C4638735-56DF-4771-9A6E-2F9B249DF107}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F21E8D83-0DC6-441E-8DD1-3D7C37C5662C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F21E8D83-0DC6-441E-8DD1-3D7C37C5662C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-2.2-enabler" => Key deleted successfully. C:\ProgramData\TEMP => ":373E1720" ADS removed successfully. "C:\Users\André\AppData\Roaming\ASPackage" => File/Directory not found. c:\Program Files (x86)\DealDragon => Moved successfully. Hosts was reset successfully. 
EmptyTemp: => Removed 748.5 MB temporary data. The system needed a reboot. ==== End of Fixlog 14:26:37 ==== |
19.02.2015, 14:52 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | edealspop and n10.adshostnet.com/ads? are bothering me while browsing
Then show me fresh FRST logs. Tick the box next to addition.txt, then click Scan.
__________________ Please always post log files in CODE tags |
19.02.2015, 14:56 | #13 |
| edealspop and n10.adshostnet.com/ads? are bothering me while browsing
frst: FRST logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01 Ran by André (administrator) on ALIENWAREGAMING on 19-02-2015 14:55:09 Running from C:\Users\André\Desktop Loaded Profiles: UpdatusUser & André (Available profiles: UpdatusUser & André) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe (Cisco Systems, Inc.) 
C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe () C:\Users\André\AppData\Local\dashboardtxview64\dashboardtxview64.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Program Files (x86)\RocketDock\RocketDock.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Dell) C:\Users\André\AppData\Local\Apps\2.0\GXWZMQVO.D25\K32AX9EJ.T53\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe () C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe (Hewlett-Packard Co.) 
C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe (SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe () C:\Program Files (x86)\Verbindungsassistent\WTGService.exe (SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe () C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe () C:\Users\André\AppData\Local\dashboardtxview64\firmwarekernelUI.exe (Opera Software) C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe () C:\Program Files (x86)\Opera\27.0.1689.69_0\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe (Opera Software) C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe (Opera Software) C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe (Opera Software) C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe (Opera Software) C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe (Opera Software) C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe (Opera Software) C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe () C:\Windows\SysWOW64\controlfirmwareGUI\controlfirmwareGUI.exe (Intel Corporation) C:\Program 
Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Opera Software) C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd) HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.) HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.) 
HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Run: [DellSystemDetect] => C:\Users\André\AppData\Local\Apps\2.0\GXWZMQVO.D25\K32AX9EJ.T53\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe [283432 2015-02-16] (Dell) HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [214448 2013-06-21] (NVIDIA Corporation) AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [214448 2013-06-21] (NVIDIA Corporation) AppInit_DLLs-x32: c:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll => c:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\rxinput.dll [593696 2013-07-27] (NVIDIA Corporation) Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe () Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG) Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.) 
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => No File
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => No File
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-829858747-3269657560-2013248277-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-829858747-3269657560-2013248277-1001] => http=127.0.0.1:12429
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-829858747-3269657560-2013248277-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-829858747-3269657560-2013248277-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=000328B0&OHP=www.google.com&OSP=
HKU\S-1-5-21-829858747-3269657560-2013248277-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-829858747-3269657560-2013248277-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?PC=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-829858747-3269657560-2013248277-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [174592] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [174592] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [174592] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [174592] (Bigfoot Networks, Inc.)
Winsock: Catalog9 15 C:\Windows\SysWOW64\BfLLR.dll [174592] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 C:\Windows\system32\BfLLR.dll [189952] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 C:\Windows\system32\BfLLR.dll [189952] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 C:\Windows\system32\BfLLR.dll [189952] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 C:\Windows\system32\BfLLR.dll [189952] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\BfLLR.dll [189952] (Bigfoot Networks, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\wv60tni2.default-1424269440517
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL No File
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll No File
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
FF Plugin HKU\S-1-5-21-829858747-3269657560-2013248277-1001: @phonostar.de/radio ffn Rekorder -> C:\Program Files (x86)\radio ffn Rekorder\npphonostarDetectNP.dll No File
FF Plugin HKU\S-1-5-21-829858747-3269657560-2013248277-1001: @protectdisc.com/NPMPDRM -> C:\Users\André\AppData\Local\mpDRM\Binaries\NPMPDRM.dll No File
FF Plugin HKU\S-1-5-21-829858747-3269657560-2013248277-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-829858747-3269657560-2013248277-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\André\AppData\Local\Google\Chrome\User Data\default

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 controlfirmwareGUI; C:\Windows\SysWOW64\controlfirmwareGUI\controlfirmwareGUI.exe [83456 2015-01-19] () [File not signed]
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-04-23] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-04-23] (Creative Labs) [File not signed]
R2 CTAudSvcService; c:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-20] (Creative Technology Ltd) [File not signed]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [122880 2012-03-28] (Creative Technology Ltd)
R2 dashboardtxview64.exe; C:\Users\André\AppData\Local\dashboardtxview64\dashboardtxview64.exe [211968 2015-02-09] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [99936 2006-11-10] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-01] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2015-01-20] (Electronic Arts)
R2 Qualcomm Atheros Killer Service; C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [492032 2012-02-15] () [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2604856 2014-11-24] (AVG Technologies)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\Verbindungsassistent\WTGService.exe [330696 2010-11-18] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 Ak27x64; C:\Windows\System32\DRIVERS\Ak27x64.sys [2740328 2012-02-15] (Bigfoot Networks, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [135720 2012-02-23] (Broadcom Corporation.)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [75880 2012-02-15] (Bigfoot Networks, Inc.)
R3 cthda; C:\Windows\System32\drivers\cthda.sys [1052760 2012-03-28] (Creative Technology Ltd)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)
S2 DLPortIO; C:\Windows\SysWow64\Drivers\DLPortIO.sys [3584 1999-01-10] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-27] (DT Soft Ltd)
S3 HDJCtrl; C:\Windows\System32\Drivers\HDJCtrl.sys [38704 2013-05-21] (© Guillemot R&D, 2012. All rights reserved.)
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [274736 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [121600 2013-05-11] (Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28216 2012-11-20] (Intel Corporation)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-06-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation)
S3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [67184 2012-01-03] (STMicroelectronics)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-11-24] (TuneUp Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U5 ewusbnet; C:\Windows\SysWOW64\Drivers\ewusbnet.sys [256000 2013-05-11] (Huawei Technologies Co., Ltd.)
U5 ew_hwusbdev; C:\Windows\SysWOW64\Drivers\ew_hwusbdev.sys [117248 2013-05-11] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-19 13:10 - 2015-02-19 13:10 - 00040743 _____ () C:\Users\André\Desktop\Addition.txt
2015-02-19 13:09 - 2015-02-19 14:55 - 00022216 _____ () C:\Users\André\Desktop\FRST.txt
2015-02-19 13:09 - 2015-02-19 13:09 - 00004301 _____ () C:\Users\André\Desktop\JRT.txt
2015-02-19 12:50 - 2015-02-19 12:52 - 00000000 ____D () C:\AdwCleaner
2015-02-19 12:49 - 2015-02-19 12:49 - 02086912 _____ (Farbar) C:\Users\André\Desktop\FRST64.exe
2015-02-19 12:48 - 2015-02-19 12:49 - 01388274 _____ (Thisisu) C:\Users\André\Desktop\JRT.exe
2015-02-19 12:48 - 2015-02-19 12:48 - 02126848 _____ () C:\Users\André\Desktop\AdwCleaner_4.111.exe
2015-02-18 23:17 - 2015-02-18 23:17 - 00040681 _____ () C:\ComboFix.txt
2015-02-18 23:08 - 2015-02-19 14:27 - 00007470 _____ () C:\Windows\PFRO.log
2015-02-18 23:08 - 2015-02-19 14:27 - 00000672 _____ () C:\Windows\setupact.log
2015-02-18 23:08 - 2015-02-18 23:08 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-18 22:52 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-18 22:52 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-18 22:52 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-18 22:52 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-18 22:52 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-18 22:52 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-18 22:52 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-18 22:52 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-18 22:51 - 2015-02-18 23:18 - 00000000 ____D () C:\Qoobox
2015-02-18 22:50 - 2015-02-18 22:50 - 05611903 ____R (Swearware) C:\Users\André\Desktop\ComboFix.exe
2015-02-18 22:41 - 2015-02-19 14:55 - 00000000 ____D () C:\FRST
2015-02-18 22:03 - 2015-02-18 22:03 - 00003856 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1424293363
2015-02-18 22:02 - 2015-02-18 22:02 - 00001137 _____ () C:\Users\Public\Desktop\Opera 27.lnk
2015-02-18 22:02 - 2015-02-18 22:02 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 27.lnk
2015-02-18 21:34 - 2015-02-18 21:35 - 00713120 _____ (Opera Software) C:\Users\André\Desktop\Opera_NI_stable.exe
2015-02-18 16:37 - 2015-02-19 12:52 - 00000000 ____D () C:\Windows\system32\log
2015-02-18 15:26 - 2015-02-18 16:16 - 00000000 ____D () C:\Users\André\Desktop\rkill
2015-02-18 10:07 - 2015-02-18 10:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2015-02-17 10:20 - 2015-02-18 16:55 - 00003858 _____ () C:\Windows\System32\Tasks\SSBkgdUpdate
2015-02-17 10:07 - 2015-02-17 10:07 - 00000000 ____D () C:\Users\André\AppData\Local\Scansoft
2015-02-16 11:43 - 2015-02-16 11:43 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-02-16 11:42 - 2015-02-16 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP140 series Benutzerregistrierung
2015-02-16 11:37 - 2015-02-16 11:37 - 00000424 _____ () C:\Windows\MAXLINK.INI
2015-02-16 11:37 - 2015-02-16 11:37 - 00000000 ____D () C:\Users\André\AppData\Roaming\ScanSoft
2015-02-16 11:37 - 2015-02-16 11:37 - 00000000 ____D () C:\ProgramData\ScanSoft 2015-02-16 11:37 - 2015-02-16 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft OmniPage SE 4 2015-02-16 11:37 - 2015-02-16 11:37 - 00000000 ____D () C:\ProgramData\InstallShield 2015-02-16 11:37 - 2015-02-16 11:37 - 00000000 ____D () C:\Program Files (x86)\ScanSoft 2015-02-16 11:33 - 2015-02-16 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2015-02-16 11:33 - 2015-02-16 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP140 series Manual 2015-02-16 11:33 - 2015-02-16 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Notes for Windows Vista 2015-02-16 11:28 - 2015-02-16 11:28 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information 2015-02-16 11:28 - 2015-02-16 11:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP140 series 2015-02-16 11:28 - 2006-12-25 21:00 - 00236544 _____ (CANON INC.) C:\Windows\system32\CNMLM8R.DLL 2015-02-16 11:27 - 2015-02-16 11:27 - 00000000 ___HD () C:\Program Files\CanonBJ 2015-02-16 11:27 - 2006-11-10 03:03 - 01337344 _____ (CANON INC.) C:\Windows\system32\CNCC140.DLL 2015-02-16 11:27 - 2006-11-10 03:02 - 00049664 _____ (CANON INC.) C:\Windows\system32\CNCI140.DLL 2015-02-16 11:27 - 2006-06-29 06:30 - 00017408 _____ (Canon Inc.) C:\Windows\system32\cnco140.dll 2015-02-16 11:27 - 2006-05-26 08:23 - 00090624 _____ (Canon Inc.) 
C:\Windows\system32\CNCL140.DLL 2015-02-16 11:14 - 2015-02-16 11:14 - 00734473 _____ () C:\Users\André\Downloads\CoreTemp_106.zip 2015-02-16 11:14 - 2015-02-16 11:14 - 00734473 _____ () C:\Users\André\Downloads\CoreTemp_106 (1).zip 2015-02-15 21:13 - 2015-02-15 21:13 - 00007618 _____ () C:\Users\André\AppData\Local\Resmon.ResmonCfg 2015-02-15 20:26 - 2015-02-15 20:26 - 00000000 ____D () C:\Program Files\Dell 2015-02-15 14:06 - 2015-02-15 14:06 - 00003198 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask-Delay 2015-02-13 09:39 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-02-13 09:39 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-02-13 09:39 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-02-13 09:39 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-02-12 21:34 - 2015-02-12 21:34 - 00000000 ____D () C:\ProgramData\Grisoft 2015-02-12 21:32 - 2015-02-12 21:33 - 12413440 _____ () C:\Users\André\Downloads\avgas-setup-7.5.1.43.exe 2015-02-12 21:29 - 2015-02-12 21:29 - 00000000 ____D () C:\Users\André\Downloads\backups 2015-02-12 21:28 - 2015-02-12 21:28 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\André\Downloads\HijackThis.exe 2015-02-12 19:38 - 2015-02-12 19:38 - 02112512 _____ () C:\Users\André\Downloads\adwcleaner_4.110.exe 2015-02-11 13:33 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-02-11 13:33 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-02-11 13:33 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-02-11 13:33 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-02-11 13:33 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-02-11 13:33 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-02-11 13:33 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-02-11 13:33 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2015-02-11 13:33 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-02-11 13:33 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-02-11 13:33 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-02-11 13:33 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-02-11 13:33 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-02-11 13:33 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-02-11 13:33 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-02-11 13:33 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-02-11 13:33 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) 
C:\Windows\system32\ieetwproxystub.dll 2015-02-11 13:33 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-02-11 13:33 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-02-11 13:33 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-02-11 13:33 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-02-11 13:33 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-02-11 13:33 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-02-11 13:33 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-02-11 13:33 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-02-11 13:33 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-02-11 13:33 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-02-11 13:33 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-02-11 13:33 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-02-11 13:33 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-02-11 13:33 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-02-11 13:33 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-02-11 13:33 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-02-11 13:33 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-02-11 13:33 - 2015-01-12 03:02 - 02277888 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-02-11 13:33 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-02-11 13:33 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-02-11 13:33 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-02-11 13:33 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-02-11 13:33 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-02-11 13:33 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-02-11 13:33 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-02-11 13:33 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-02-11 13:33 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-02-11 13:33 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-02-11 13:33 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-02-11 13:33 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-02-11 13:33 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-02-11 13:33 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-02-11 13:33 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-02-11 13:33 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-02-11 13:33 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-02-11 13:33 - 2015-01-12 02:22 - 01155072 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-02-11 13:33 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-02-11 13:33 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-02-11 13:33 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-02-11 13:33 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-02-11 13:33 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-02-11 13:33 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-02-11 13:33 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-02-11 13:33 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-02-11 13:33 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-02-11 13:33 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-02-11 13:33 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-02-11 13:33 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-02-11 13:33 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-02-11 13:33 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-02-11 13:33 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-02-11 13:33 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-02-11 13:33 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-02-11 13:33 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\wdigest.dll 2015-02-11 13:33 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-02-11 13:33 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-02-11 13:32 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-02-11 13:32 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-02-11 13:32 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-02-11 13:32 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-02-11 13:32 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-02-11 13:32 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-02-11 13:32 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-02-11 13:32 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-02-11 13:32 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-02-11 13:32 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-02-11 13:32 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-02-11 13:32 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-02-11 13:32 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-02-11 13:32 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-02-11 13:32 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-02-11 13:32 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msobjs.dll 2015-02-11 13:32 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-02-11 13:32 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-02-11 13:32 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-02-11 13:32 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-02-11 13:32 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-02-11 13:32 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-02-11 13:32 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-02-11 13:32 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2015-02-11 13:31 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-02-11 13:31 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-02-11 13:31 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2015-02-11 13:29 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-02-11 13:29 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2015-02-11 13:26 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-02-11 13:26 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-02-11 13:26 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-02-11 13:26 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-02-11 13:26 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 13:26 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 13:26 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 13:26 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 12:55 - 2015-02-11 12:57 - 16838408 _____ (Tracker Software Products Ltd ) C:\Users\André\Downloads\PDFXVwer_2.5.312.1.exe
2015-02-11 12:07 - 2015-02-11 12:07 - 01128916 _____ (www.hellopdf.com ) C:\Users\André\Downloads\nw_33261_pdfwordsetupexe.exe
2015-02-11 11:30 - 2015-02-11 11:30 - 00000000 ____D () C:\Program Files (x86)\goodChoice
2015-02-11 11:30 - 2015-02-11 11:30 - 00000000 ____D () C:\Program Files (x86)\Color My SNS
2015-02-10 18:06 - 2015-02-10 18:06 - 00709564 _____ () C:\Users\André\Downloads\delfix_10.8.exe
2015-02-10 18:04 - 2015-02-10 18:05 - 01212872 _____ (Zugara Investments Limited ) C:\Users\André\Downloads\adwcleanerexe.exe
2015-02-10 14:54 - 2015-02-10 14:54 - 00621624 _____ () C:\Users\André\Downloads\SUPERAntiSpyware_CB-DL-Manager.exe
2015-02-09 21:41 - 2015-02-09 21:41 - 00000000 _____ () C:\autoexec.bat
2015-02-09 17:13 - 2015-02-10 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-09 17:13 - 2015-02-09 17:13 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-02-09 17:12 - 2015-02-10 14:42 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-09 17:02 - 2015-02-09 17:04 - 02418464 _____ (Piriform Ltd) C:\Users\André\Downloads\ccsetup502.exe.opdownload
2015-02-09 15:23 - 2015-02-10 14:42 - 00000000 ____D () C:\Users\Public\Documents\Stronghold AntiMalware
2015-02-09 14:18 - 2015-02-18 23:07 - 00000000 ____D () C:\Windows\erdnt
2015-02-09 11:51 - 2015-02-09 11:51 - 06220854 _____ () C:\Users\André\Desktop\Neue Bitmap.bmp
2015-02-09 11:25 - 2015-02-10 14:43 - 00000000 ____D () C:\Users\André\AppData\Local\dashboardtxview64
2015-02-09 11:25 - 2015-02-09 11:25 - 00005012 _____ () C:\Windows\wauctla.InstallState
2015-02-09 11:25 - 2015-02-09 11:25 - 00000529 _____ () C:\Windows\wauctla.InstallLog
2015-02-08 15:09 - 2015-02-08 15:11 - 00000000 ____D () C:\Users\André\AppData\Roaming\FreeAudioEditor
2015-02-08 15:07 - 2015-02-08 15:08 - 03529672 _____ (DVDVideoSoft Ltd. ) C:\Users\André\Downloads\FreeAudioEditor.exe
2015-02-08 15:05 - 2015-02-10 14:43 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-02-08 15:00 - 2015-02-08 15:01 - 34792128 _____ (DVDVideoSoft Ltd. ) C:\Users\André\Downloads\FreeYouTubeToMP354Converter.exe
2015-02-08 11:44 - 2015-02-10 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nival
2015-02-08 11:44 - 2015-02-08 11:44 - 00000745 _____ () C:\Users\Public\Desktop\Prime World.lnk
2015-02-08 11:39 - 2015-02-08 11:39 - 15938760 _____ (Nival ) C:\Users\André\Downloads\PWSetup.exe
2015-02-04 15:27 - 2015-02-04 15:27 - 00000000 __SHD () C:\Users\André\AppData\Local\EmieBrowserModeList
2015-02-04 15:22 - 2015-02-04 15:22 - 00000000 ____D () C:\Users\André\AppData\Roaming\sparta123
2015-02-04 14:45 - 2015-02-04 14:45 - 00000000 ____D () C:\Windows\SysWOW64\controlfirmwareGUI
2015-02-04 12:52 - 2015-02-04 12:52 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2015-02-04 11:05 - 2015-02-04 11:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-04 11:05 - 2015-02-04 11:05 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-04 11:05 - 2015-02-04 11:05 - 00000000 ____D () C:\Program Files\iTunes
2015-02-04 11:05 - 2015-02-04 11:05 - 00000000 ____D () C:\Program Files\iPod
2015-02-04 11:05 - 2015-02-04 11:05 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-04 10:59 - 2015-02-04 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-02-03 23:29 - 2015-02-03 23:29 - 00002227 _____ () C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
2015-02-03 23:29 - 2015-02-03 23:29 - 00002215 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2015-02-03 23:29 - 2015-02-03 23:29 - 00002203 _____ () C:\Users\Public\Desktop\AVG PC TuneUp 2015.lnk
2015-02-03 23:29 - 2015-02-03 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015
2015-02-03 23:29 - 2014-11-24 12:48 - 00040248 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2015-02-03 23:29 - 2014-11-24 12:48 - 00029496 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2015-02-03 23:29 - 2014-11-24 12:48 - 00025400 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2015-02-02 12:42 - 2015-02-02 12:42 - 00000559 _____ () C:\Users\André\Downloads\qr_code.zip
2015-01-30 23:36 - 2015-01-30 23:36 - 00023760 _____ (Dell Computer Corporation) C:\Windows\system32\Drivers\DDDriver64Dcsa.sys
2015-01-30 23:36 - 2015-01-30 23:36 - 00023312 _____ (Dell Computer Corporation) C:\Windows\system32\Drivers\DellProf.sys
2015-01-30 10:23 - 2015-01-30 10:23 - 00296196 _____ () C:\Users\André\Downloads\Schraubenset für Apple iPhone 4
2015-01-23 11:30 - 2015-01-23 11:30 - 06381120 _____ (Tim Kosse) C:\Users\André\Downloads\FileZilla_3.10.0.2_win32-setup.exe
2015-01-20 23:07 - 2015-01-20 23:07 - 00152013 _____ () C:\Users\André\Desktop\html5blank-stable.zip
2015-01-20 23:05 - 2015-01-20 23:05 - 00128675 _____ () C:\Users\André\Downloads\html2wp.1.3.5.zip
2015-01-20 22:11 - 2015-02-10 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theme Hospital
2015-01-20 22:11 - 2015-01-20 22:11 - 00001523 _____ () C:\Users\Public\Desktop\Theme Hospital.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-19 14:43 - 2013-04-23 11:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-19 14:38 - 2013-04-23 04:25 - 01883464 _____ () C:\Windows\WindowsUpdate.log
2015-02-19 14:36 - 2009-07-14 05:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-19 14:36 - 2009-07-14 05:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-19 14:29 - 2014-06-26 18:43 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-19 14:28 - 2014-07-06 22:21 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-02-19 14:28 - 2013-04-23 12:00 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2015-02-19 14:28 - 2013-04-23 12:00 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2015-02-19 14:28 - 2013-04-23 11:55 - 00000000 ____D () C:\Program Files (x86)\AlienRespawn
2015-02-19 14:28 - 2013-04-23 11:45 - 00000000 ____D () C:\ProgramData\Bigfoot Networks
2015-02-19 14:27 - 2013-04-23 11:55 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-19 14:27 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-19 14:26 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-02-18 23:11 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-02-18 23:07 - 2009-07-14 03:34 - 92274688 _____ () C:\Windows\system32\config\software.bak
2015-02-18 23:07 - 2009-07-14 03:34 - 25165824 _____ () C:\Windows\system32\config\system.bak
2015-02-18 23:07 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\default.bak
2015-02-18 23:07 - 2009-07-14 03:34 - 00061440 _____ () C:\Windows\system32\config\sam.bak
2015-02-18 23:07 - 2009-07-14 03:34 - 00024576 _____ () C:\Windows\system32\config\security.bak
2015-02-18 22:45 - 2013-04-27 21:25 - 00000000 ____D () C:\Users\André\AppData\Roaming\Skype
2015-02-18 22:43 - 2013-04-23 11:29 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-18 22:43 - 2013-04-23 11:29 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-18 22:43 - 2013-04-23 11:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-18 22:03 - 2013-04-27 20:01 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-18 17:00 - 2013-04-28 13:42 - 00000000 ____D () C:\Users\André\AppData\Roaming\vlc
2015-02-18 16:44 - 2014-01-05 20:24 - 00000000 ____D () C:\Windows\WindowsMobile
2015-02-18 16:44 - 2013-06-20 17:21 - 00000000 ____D () C:\Users\André\Documents\VirtualDJ
2015-02-18 14:55 - 2014-12-02 19:18 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-18 14:55 - 2014-06-26 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-02-18 14:55 - 2014-06-26 18:35 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-02-18 14:24 - 2013-06-17 21:38 - 00000000 ____D () C:\Users\André\Desktop\dj
2015-02-18 11:40 - 2014-11-29 11:02 - 00000000 ____D () C:\Users\André\Desktop\fun
2015-02-18 10:07 - 2013-04-27 22:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-18 10:06 - 2013-04-27 21:58 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-17 22:13 - 2014-03-15 11:57 - 00000000 ____D () C:\Users\André\AppData\Roaming\UseNeXT
2015-02-17 22:12 - 2014-03-17 22:22 - 00000000 ____D () C:\Users\André\Documents\UseNeXT
2015-02-17 10:04 - 2013-05-13 20:51 - 00000000 ____D () C:\Windows\1CE60928832549A88B06633E48DD2B67.TMP
2015-02-16 12:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-16 11:45 - 2013-04-28 15:47 - 00000000 ____D () C:\Users\André\Desktop\Eigenschaften
2015-02-16 11:43 - 2014-08-13 11:07 - 00000000 ____D () C:\Users\André\AppData\Roaming\Canon
2015-02-16 11:43 - 2014-08-13 11:00 - 00000000 ____D () C:\Program Files (x86)\Canon
2015-02-16 10:53 - 2014-03-26 15:32 - 00000000 ____D () C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2015-02-16 10:53 - 2014-03-26 15:31 - 00000000 ____D () C:\Users\André\AppData\Local\Deployment
2015-02-16 10:52 - 2014-03-26 15:31 - 00417064 _____ () C:\Users\André\Downloads\DellSystemDetect.exe
2015-02-15 12:52 - 2010-11-21 07:50 - 00700794 _____ () C:\Windows\system32\perfh007.dat
2015-02-15 12:52 - 2010-11-21 07:50 - 00150400 _____ () C:\Windows\system32\perfc007.dat
2015-02-15 12:52 - 2009-07-14 06:13 - 01624426 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-12 19:42 - 2013-04-27 21:06 - 00001063 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-12 19:42 - 2013-04-27 21:06 - 00001051 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-12 19:42 - 2013-04-27 20:01 - 00000977 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-02-12 19:42 - 2013-04-27 20:01 - 00000965 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-02-12 19:42 - 2013-04-26 10:10 - 00000997 _____ () C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-12 18:38 - 2014-06-15 21:37 - 00597344 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 18:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA
2015-02-12 18:36 - 2014-12-16 17:58 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 18:36 - 2014-05-08 11:26 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 17:00 - 2013-12-06 20:10 - 00001104 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-02-12 10:54 - 2013-06-15 16:57 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-12 10:45 - 2009-07-14 03:34 - 00000609 _____ () C:\Windows\win.ini
2015-02-12 10:44 - 2013-06-03 19:06 - 00002155 _____ () C:\Windows\epplauncher.mif
2015-02-12 10:44 - 2013-06-03 19:05 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-12 10:44 - 2013-06-03 19:05 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-12 10:44 - 2013-06-03 19:05 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-12 10:35 - 2013-09-25 15:24 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 10:25 - 2013-09-25 15:24 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 13:43 - 2013-06-03 19:12 - 00004064 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-02-11 13:43 - 2013-06-03 19:12 - 00003242 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-02-11 13:42 - 2013-04-23 12:00 - 00000000 ____D () C:\Program Files\AlienAutopsy
2015-02-11 13:42 - 2013-04-23 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alienware
2015-02-11 13:42 - 2013-04-23 11:48 - 00000000 ____D () C:\Program Files\Alienware
2015-02-10 23:04 - 2014-01-25 23:15 - 00000000 ____D () C:\Users\André\Desktop\Schule
2015-02-10 22:59 - 2013-08-13 21:16 - 00000000 ____D () C:\Users\André\Desktop\HVH
2015-02-10 22:56 - 2014-09-18 21:43 - 00000000 ____D () C:\Users\André\Desktop\HTML
2015-02-10 22:55 - 2013-04-28 14:01 - 00000000 ____D () C:\Users\André\Desktop\Ipod
2015-02-10 17:18 - 2014-01-17 13:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sport-DJ
2015-02-10 14:49 - 2013-04-26 10:07 - 00000000 ____D () C:\Users\André
2015-02-10 14:43 - 2015-01-06 13:02 - 00000000 ____D () C:\Windows\system32\AGEIA
2015-02-10 14:43 - 2015-01-06 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AGEIA
2015-02-10 14:43 - 2015-01-06 13:01 - 00000000 ____D () C:\Windows\SysWOW64\AGEIA
2015-02-10 14:43 - 2015-01-06 13:01 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-02-10 14:43 - 2014-12-27 17:39 - 00000000 ____D () C:\Users\André\AppData\Local\PokerStars.EU
2015-02-10 14:43 - 2014-12-27 17:35 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2015-02-10 14:43 - 2014-03-10 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dynamics
2015-02-10 14:43 - 2014-03-10 22:34 - 00000000 ____D () C:\Program Files (x86)\Dynamics
2015-02-10 14:43 - 2014-02-17 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-10 14:43 - 2014-01-17 13:53 - 00000000 ____D () C:\Program Files\Sport_DJ
2015-02-10 14:43 - 2014-01-16 20:51 - 00000000 ____D () C:\Program Files (x86)\Preh
2015-02-10 14:43 - 2013-09-15 20:33 - 00000000 ____D () C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2015-02-10 14:43 - 2013-09-15 20:33 - 00000000 ____D () C:\Users\André\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2015-02-10 14:43 - 2013-09-05 17:09 - 00000000 ____D () C:\ProgramData\PMB Files
2015-02-10 14:43 - 2013-06-21 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-02-10 14:43 - 2013-06-21 21:32 - 00000000 ____D () C:\Users\André\AppData\Roaming\DVDVideoSoft
2015-02-10 14:43 - 2013-06-21 21:32 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-02-10 14:43 - 2013-06-20 13:54 - 00000000 ____D () C:\ProgramData\Netzmanager
2015-02-10 14:43 - 2013-05-11 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verbindungsassistent
2015-02-10 14:43 - 2013-05-11 19:50 - 00000000 ____D () C:\Program Files (x86)\Verbindungsassistent
2015-02-10 14:43 - 2013-04-27 22:01 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-02-10 14:43 - 2013-04-23 11:44 - 00000000 ____D () C:\Program Files (x86)\ST Microelectronics
2015-02-10 14:43 - 2013-04-23 11:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-10 14:43 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-10 14:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2015-02-10 14:42 - 2013-04-27 22:56 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2015-02-10 14:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-02-10 14:41 - 2013-08-26 19:00 - 00000000 ____D () C:\Users\André\AppData\Roaming\TeamViewer
2015-02-10 14:41 - 2013-04-27 21:50 - 00000000 ____D () C:\Users\André\AppData\Roaming\DAEMON Tools Lite
2015-02-10 14:39 - 2013-09-05 17:09 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2015-02-10 14:39 - 2013-04-28 11:05 - 00000000 ____D () C:\Games
2015-02-10 14:39 - 2013-04-27 21:58 - 00000000 ___RD () C:\MSOCache
2015-02-09 17:20 - 2013-08-15 10:55 - 00000000 ____D () C:\Users\André\AppData\Roaming\FileZilla
2015-02-09 14:55 - 2013-08-12 20:22 - 00000000 ____D () C:\Users\Andr�
2015-02-09 13:13 - 2013-05-28 00:11 - 00000000 ____D () C:\Windows\de
2015-02-04 14:27 - 2014-03-10 22:36 - 00000000 ____D () C:\Users\André\Desktop\Laser
2015-02-04 11:05 - 2013-04-27 21:03 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-28 11:51 - 2013-08-15 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-01-28 11:51 - 2013-08-15 10:55 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2015-01-27 11:59 - 2013-05-15 06:47 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-23 11:30 - 2014-11-30 15:30 - 00000000 ____D () C:\Users\André\Desktop\Neuer Ordner
2015-01-20 22:10 - 2013-05-15 06:49 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2015-01-20 22:09 - 2013-05-15 06:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin

==================== Files in the root of some directories =======

2013-12-02 23:26 - 2013-12-02 23:26 - 0010020 _____ () C:\Users\André\AppData\Local\CleanupUninstall.txt
2014-07-04 15:47 - 2014-07-04 15:47 - 0003584 _____ () C:\Users\André\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-11 10:33 - 2014-07-11 10:33 - 2359296 _____ (laboratorio) C:\Users\André\AppData\Local\hrbug.exe
2014-12-03 10:51 - 2014-12-03 10:51 - 0002102 _____ () C:\Users\André\AppData\Local\recently-used.xbel
2015-02-15 21:13 - 2015-02-15 21:13 - 0007618 _____ () C:\Users\André\AppData\Local\Resmon.ResmonCfg
2014-07-11 15:06 - 2014-07-11 15:06 - 2056192 _____ (atracan) C:\Users\André\AppData\Local\wngofv.exe
2014-09-14 19:28 - 2014-09-14 19:28 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-13 01:01

==================== End Of Log ============================

addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01
Ran by André at 2015-02-19 14:55:43
Running from C:\Users\André\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.108 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
AGEIA PhysX v7.03.21 (HKLM-x32\...\{85EBB283-65AF-4C53-9EBE-7C0A232762F7}) (Version: 7.03.21 - AGEIA Technologies, Inc.)
AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Alienware)
AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Alienware)
Alienware Command Center (HKLM-x32\...\InstallShield_{FD1AE10F-163C-4D4B-9FCE-AC667AF1DC6E}) (Version: 2.8.8.0 - Alienware Corp.)
Alienware Command Center (Version: 2.8.8.0 - Alienware Corp.) Hidden
Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.32.0.2C - )
Alienware On-Screen Display (x32 Version: 0.32.0.2C - ) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Artisteer 4 (HKLM-x32\...\Artisteer 4) (Version: 4.1 - Extensoft)
AutoBinarySEA (HKLM-x32\...\{78A20C59-1EE7-42EA-B9D7-A764FB341150}) (Version: 2.2.5170.26769 - AutoBinarySEA DE)
AVG PC TuneUp 2015 (de-DE) (x32 Version: 15.0.1001.238 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.238 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.238 - AVG Technologies) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Bitcoin (HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\Bitcoin) (Version: 0.8.6 - Bitcoin project)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Canon MP Navigator 3.1 (HKLM-x32\...\MP Navigator 3.1) (Version: - )
Canon MP140 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series) (Version: - )
Canon MP140 series Benutzerregistrierung (HKLM-x32\...\Canon MP140 series Benutzerregistrierung) (Version: - )
Canon Utilities Easy-LayoutPrint (HKLM-x32\...\Easy-LayoutPrint) (Version: - )
Canon Utilities Easy-PhotoPrint (HKLM-x32\...\Easy-PhotoPrint) (Version: - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4255 - CDBurnerXP)
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.52 - Dell)
Dell System Detect - 1 (HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\73f463568823ebbe) (Version: 5.14.0.9 - Dell)
Dell System Detect (HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\9204f5692a8faf3b) (Version: 5.6.0.4 - Dell)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Die Siedler - Aufbruch der Kulturen (HKLM-x32\...\SADK) (Version: - )
DJ Intro version 1.1.2 (HKLM-x32\...\{36625871-9D4B-4046-A837-677974F51CAC}_is1) (Version: 1.1.2 - Serato Audio Research)
DJI driver version 2.02 (HKLM-x32\...\{EDFDE5EE-84C7-4936-804C-6563943E5754}_is1) (Version: 2.02 - DJI)
DJI iOSD Assistant version 4.0 (HKLM-x32\...\{8CA48822-4CC7-40FE-9F4E-1BDC314F58F3}_is1) (Version: 4.0 - DJI)
DJI WookongM Assistant version 2.04 (HKLM-x32\...\{FAA9FD58-F448-44C9-A850-CE9744A465A3}_is1) (Version: 2.04 - DJI)
Dota 2 Test (HKLM-x32\...\Steam App 205790) (Version: - )
DYNAMICS Demoversion, Version: 30.4.2013 (HKLM-x32\...\DYNAMICS_is1) (Version: - )
Empire Earth III (HKLM-x32\...\{B17E235C-7A3B-4482-B650-21FFDE1D452E}) (Version: 1.00.0000 - Sierra Entertainment)
EMSC (x32 Version: 0.0.0.22C - Compal Electronics, Inc.) Hidden
Euro Truck Simulator 1.3 (HKLM-x32\...\Euro Truck Simulator) (Version: 1.3 - SCS Software)
Event Music Machine 1.1.6 (HKLM-x32\...\Event Music Machine) (Version: 1.1.6 - Christoph Krämer)
EventSoundControl (HKLM-x32\...\9B96C7FA-95B6-40BD-859A-46C15A64EBDB) (Version: 2.1.32 - clearsounds.de - Medienagentur)
FileZilla Client 3.10.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.0.2 - Tim Kosse)
Firstload (HKLM-x32\...\Firstload) (Version: - Lumaris.net)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free Audio Editor version 1.0.8.128 (HKLM-x32\...\Free Audio Editor_is1) (Version: 1.0.8.128 - DVDVideoSoft Ltd.)
Free Video Flip and Rotate version 2.1.9.827 (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 2.1.9.827 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.)
Gameforge Live 1.6.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.6.0 - Gameforge)
GeoGebra 4.2 (HKLM-x32\...\GeoGebra 4.2) (Version: 4.2.55.0 - International GeoGebra Institute)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Update Helper (x32 Version: 1.3.23.0 - SaveSense) Hidden <==== ATTENTION
Grand Theft Auto IV - Episodes From Liberty City (HKLM-x32\...\{8ED35B48-AFBD-4F32-8271-2257AD8B907E}_is1) (Version: - )
HD2 Toolkit Version 4.3 (HKLM-x32\...\{12EE0B2A-84C6-494E-A7AC-6771E898F6A0}_is1) (Version: 4.3 - Kaushal Subedi (KSubedi))
Hot Jingle Player V1.1 (HKLM-x32\...\Hot Jingle Player_is1) (Version: - Koyote Soft)
HP ePrint (HKLM-x32\...\{2794875B-6CCF-48B8-84A5-5B10DB98BEE6}) (Version: 14.0.14176.1823 - Hewlett-Packard)
HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{9086D601-50B7-491D-A143-28193DADE36B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6700 Hilfe (HKLM-x32\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Integrated Webcam Live! Central (HKLM-x32\...\Integrated Webcam Live! Central) (Version: 2.01.15 - Creative Technology Ltd)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218005FF}) (Version: 8.0.50 - Oracle Corporation)
Java SE Development Kit 7 Update 21 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170210}) (Version: 1.7.0.210 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Lumac (HKLM-x32\...\InstallShield_{5DE11949-2B11-4F13-BAD5-1C237122CFDB}) (Version: 1.1.86.0 - Firstload)
Lumac (x32 Version: 1.1.86.0 - Firstload) Hidden
MAGIX Screenshare (HKLM-x32\...\{AAE31374-02C2-452E-88EC-2F16D92731A9}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Video deluxe 17 Premium Download-Version (HKLM-x32\...\MAGIX_MSI_Videodeluxe17_premium) (Version: 10.0.0.32 - MAGIX AG)
MAGIX Video deluxe 17 Premium Download-Version (x32 Version: 10.0.0.32 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Michas Jingle-Player (HKLM-x32\...\Michas Jingle-Player) (Version: - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{A1C962E2-2426-49C6-A38B-9A07E40D607C}) (Version: 3.2.217.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-829858747-3269657560-2013248277-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
NVIDIA 3D Vision Treiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6 - NVIDIA Corporation)
NVIDIA Grafiktreiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.1 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Opera Stable 27.0.1689.69 (HKLM-x32\...\Opera 27.0.1689.69) (Version: 27.0.1689.69 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Pioneer DDJ_SB Driver (HKLM-x32\...\Pioneer DDJ_SB ASIO) (Version: 1.000.000.002 - Pioneer Corporation.)
PIXMA Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Prime World Version 10.1 (HKLM-x32\...\{F6F3C462-2729-4555-8A95-CC317A90F8FF}_is1) (Version: 10.1 - Nival)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Qualcomm Atheros Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.304 - Qualcomm Atheros)
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.304 - Qualcomm Atheros) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
RCT3 Soaked (HKLM-x32\...\{EA926717-CE5A-4CB4-AB21-9E6E9565A458}) (Version: 1.00.000 - )
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
RollerCoaster Tycoon® 3 (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - )
ScanSoft OmniPage SE 4 (HKLM-x32\...\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}) (Version: 15.2.0020 - Nuance Communications, Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SHIELD Streaming (Version: 1.05.19 - NVIDIA Corporation) Hidden Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Sound Blaster Recon3Di (HKLM-x32\...\{C8AAFCDC-CD3A-40AD-9FA9-07FB70F08224}) (Version: 1.00.08 - Creative Technology Limited) Sound Blaster Recon3Di Extras (HKLM-x32\...\{C45E715E-442E-4D82-BD46-A08A0870957C}) (Version: 1.0 - Creative Technology Limited) ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0018 - ST Microelectronics) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Sublime Text 2.0.1 (HKLM\...\Sublime Text 2_is1) (Version: - ) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.4.0 - Synaptics Incorporated) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.38846 - TeamViewer) Terraria (HKLM-x32\...\Steam App 105600) (Version: - ) The Polynomial (HKLM-x32\...\Steam App 67000) (Version: - Dmytry Lavrov) Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts) TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.) 
Verbindungsassistent (HKLM-x32\...\Verbindungsassistent) (Version: 3.1 - Verbindungsassistent) Version 1.01 (HKLM-x32\...\Sport-DJ_is1) (Version: - ) VirtualDJ PRO Full (HKLM-x32\...\{C515E2A3-4878-4C85-A519-52630C7AB08B}) (Version: 7.3 - Atomix Productions) VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP) WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2410 - Broadcom Corporation) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) Windows-Treiberpaket - dji-innovations inc. (usbser) Ports (01/19/2011 5.1.2600.5512) (HKLM\...\2DC11E587B8BA912FF8FD5433B426EE46F8E22DD) (Version: 01/19/2011 5.1.2600.5512 - dji-innovations inc.) Windows-Treiberpaket - dji-innovations inc. (usbser) Ports (12/06/2012 5.1.2600.5512) (HKLM\...\F731C4A8B354FB9B7579C5D98402D2F988E8B95C) (Version: 12/06/2012 5.1.2600.5512 - dji-innovations inc.) Windows-Treiberpaket - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9) (Version: 10/22/2009 2.06.00 - FTDI) Windows-Treiberpaket - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\88EB56038379B8B7DCFB4D2448A60F52E064B265) (Version: 10/22/2009 2.06.00 - FTDI) WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
CustomCLSID: HKU\S-1-5-21-829858747-3269657560-2013248277-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-829858747-3269657560-2013248277-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-829858747-3269657560-2013248277-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-829858747-3269657560-2013248277-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

Check "winmgmt" service or repair WMI.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-02-19 14:26 - 2015-02-19 14:26 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {3F7E5641-C08A-4F58-BBF6-12D0CEB8E023} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {4A3A143C-2D3C-4820-839B-E683FA90F25A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {4F026846-FCB2-4C8B-A567-4D06572BBFDA} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Alienware\SupportAssist\uaclauncher.exe [2015-02-03] (PC-Doctor, Inc.)
Task: {574111F7-9E9D-4B95-8DB7-039BDC40F840} - System32\Tasks\SSBkgdUpdate => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.)
Task: {582C1351-0A8B-400A-B5D6-FB758ABB587F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {61317184-1406-4FAE-A386-08849785BFB2} - System32\Tasks\Opera scheduled Autoupdate 1424293363 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-10] (Opera Software)
Task: {6142C201-7FF1-47E7-9BD3-5D6139C180F4} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {9EBEE2CA-8B1C-43E3-81F6-57A80C570466} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A1992B46-7C93-4458-89FE-C61CA4C00196} - System32\Tasks\PCDoctorBackgroundMonitorTask-Delay => C:\Program Files\Alienware\SupportAssist\uaclauncher.exe [2015-02-03] (PC-Doctor, Inc.)
Task: {A285A914-CAD2-4ED6-AA85-2BACA9F0422E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {DBF47455-4FA1-4DF3-908B-FADDD23A3D61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-18] (Adobe Systems Incorporated)
Task: {ECCFDDB6-B8BA-4ABB-B9CD-01020EA1E7BE} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {EE7CC445-5949-46EA-89BC-3DFCF65E3711} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2014-11-24] (AVG Technologies)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2013-04-23 11:54 - 2013-06-21 11:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-09 11:25 - 2015-02-09 11:25 - 00211968 _____ () C:\Users\André\AppData\Local\dashboardtxview64\dashboardtxview64.exe
2015-02-16 11:43 - 2006-11-10 07:12 - 00099936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-08-02 13:05 - 2013-07-27 09:48 - 00267040 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libzmq.dll
2013-04-27 20:12 - 2007-09-02 12:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2012-02-15 20:37 - 2012-02-15 20:37 - 00549888 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe
2011-05-10 01:46 - 2011-05-10 01:46 - 02760192 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtCore4.dll
2011-05-10 01:56 - 2011-05-10 01:56 - 09856000 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtGui4.dll
2011-05-10 01:48 - 2011-05-10 01:48 - 00990720 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtNetwork4.dll
2011-05-10 01:47 - 2011-05-10 01:47 - 00416256 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtXml4.dll
2012-02-15 20:37 - 2012-02-15 20:37 - 00217600 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\BFCommon.dll
2011-05-10 17:32 - 2011-05-10 17:32 - 00731648 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\qwt5.dll
2012-02-15 20:37 - 2012-02-15 20:37 - 00404992 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modApplications.dll
2012-02-15 20:37 - 2012-02-15 20:37 - 00036864 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modFeatures.dll
2012-02-15 20:37 - 2012-02-15 20:37 - 00025088 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modFraps.dll
2012-02-15 20:37 - 2012-02-15 20:37 - 00241152 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modGraph.dll
2012-02-15 20:37 - 2012-02-15 20:37 - 00062464 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modlcd.dll
2012-02-15 20:37 - 2012-02-15 20:37 - 00289280 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modNetwork.dll
2012-02-15 20:37 - 2012-02-15 20:37 - 00184832 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modNpu.dll
2012-02-15 20:37 - 2012-02-15 20:37 - 00210944 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modOptions.dll
2012-02-15 20:37 - 2012-02-15 20:37 - 00055808 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modOverview.dll
2012-02-15 20:37 - 2012-02-15 20:37 - 00329216 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modSystemInfo.dll
2012-02-15 20:37 - 2012-02-15 20:37 - 00492032 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
2014-11-24 12:48 - 2014-11-24 12:48 - 00713528 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2013-05-11 19:50 - 2010-11-18 12:09 - 00330696 _____ () C:\Program Files (x86)\Verbindungsassistent\WTGService.exe
2013-04-23 11:55 - 2012-01-27 03:49 - 02751808 ____N () C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE
2014-11-24 12:49 - 2014-11-24 12:49 - 00856888 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2015-02-09 11:25 - 2015-02-09 11:25 - 00451072 _____ () C:\Users\André\AppData\Local\dashboardtxview64\firmwarekernelUI.exe
2015-02-18 22:02 - 2015-02-10 08:58 - 00552056 _____ () C:\Program Files (x86)\Opera\27.0.1689.69_0\opera_crashreporter.exe
2015-02-04 14:45 - 2015-01-19 13:29 - 00083456 _____ () C:\Windows\SysWOW64\controlfirmwareGUI\controlfirmwareGUI.exe
2011-03-04 11:49 - 2011-03-04 11:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-04-27 20:12 - 2007-09-02 12:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-09 11:25 - 2014-07-08 09:22 - 00095232 _____ () C:\Users\André\AppData\Local\dashboardtxview64\qjson0.dll
2015-01-16 16:34 - 2015-01-16 16:34 - 00039200 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2015-02-18 22:02 - 2015-02-10 08:58 - 01408632 _____ () C:\Program Files (x86)\Opera\27.0.1689.69_0\libglesv2.dll
2015-02-18 22:02 - 2015-02-10 08:58 - 00219256 _____ () C:\Program Files (x86)\Opera\27.0.1689.69_0\libegl.dll
2015-02-18 22:02 - 2015-02-10 08:58 - 09510520 _____ () C:\Program Files (x86)\Opera\27.0.1689.69_0\pdf.dll
2015-02-18 22:43 - 2015-02-18 22:43 - 14968496 _____ () C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_108.dll
2014-10-16 18:21 - 2014-10-16 18:21 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\712c383e9837b8c37b3107f22be9455c\PSIClient.ni.dll
2013-04-23 11:41 - 2012-02-01 23:44 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-829858747-3269657560-2013248277-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\André\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)
==================== Accounts: ============================= Administrator (S-1-5-21-829858747-3269657560-2013248277-500 - Administrator - Disabled) André (S-1-5-21-829858747-3269657560-2013248277-1001 - Administrator - Enabled) => C:\Users\André Gast (S-1-5-21-829858747-3269657560-2013248277-501 - Limited - Disabled) UpdatusUser (S-1-5-21-829858747-3269657560-2013248277-1000 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= Name: Cisco Systems VPN Adapter for 64-bit Windows Description: Cisco Systems VPN Adapter for 64-bit Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: CVirtA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (02/19/2015 02:55:44 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80040154, Klasse nicht registriert . 
Vorgang: Für die Sicherung initialisieren Error: (02/19/2015 02:55:44 PM) (Source: VSS) (EventID: 22) (User: ) Description: Fehler im Volumenschattenkopie-Dienst: Eine vom Volumenschattenkopie-Dienst benötigte kritische Komponente ist nicht registriert. Dies kann geschehen, wenn bei der Windows-Installation oder bei der Installation eines Schattenkopieanbieters ein Fehler aufgetreten ist. Der von CoCreateInstance für die Klasse mit CLSID "{f5078f32-c551-11d3-89b9-0000f81fe221}" und dem Namen "MSXML30" zurückgegebene Fehler ist [0x80040154, Klasse nicht registriert ]. Vorgang: Für die Sicherung initialisieren Error: (02/19/2015 02:29:07 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/19/2015 02:28:13 PM) (Source: SignInAssistant) (EventID: 0) (User: ) Description: InitializeSvcAPI failed with hr = 0x80040154 Error: (02/19/2015 02:27:34 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcUnregistering VAD endpoint [0] Error: (02/19/2015 02:27:31 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD endpoint registered successfully [0] Error: (02/19/2015 01:10:14 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80040154, Klasse nicht registriert . Vorgang: Für die Sicherung initialisieren Error: (02/19/2015 01:10:14 PM) (Source: VSS) (EventID: 22) (User: ) Description: Fehler im Volumenschattenkopie-Dienst: Eine vom Volumenschattenkopie-Dienst benötigte kritische Komponente ist nicht registriert. Dies kann geschehen, wenn bei der Windows-Installation oder bei der Installation eines Schattenkopieanbieters ein Fehler aufgetreten ist. 
Der von CoCreateInstance für die Klasse mit CLSID "{f5078f32-c551-11d3-89b9-0000f81fe221}" und dem Namen "MSXML30" zurückgegebene Fehler ist [0x80040154, Klasse nicht registriert ]. Vorgang: Für die Sicherung initialisieren System errors: ============= Error: (02/19/2015 02:38:05 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.193.90.0 Aktualisierungsquelle: %NT-AUTORITÄT59 Aktualisierungsphase: 4.7.0205.00 Quellpfad: 4.7.0205.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608 Error: (02/19/2015 02:37:29 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "FailureCommand" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error: (02/19/2015 02:37:26 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error: (02/19/2015 02:29:47 PM) (Source: WMPNetworkSvc) (EventID: 14324) (User: ) Description: WMPNetworkSvc0x8007007e Error: (02/19/2015 02:29:43 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: ) Description: Vom Echtzeitschutz-Feature von %%860 wurde ein Fehler festgestellt Feature: %%886 Fehlercode: 0x8007007e Fehlerbeschreibung: Das angegebene Modul wurde nicht gefunden. 
Grund: %%892 Error: (02/19/2015 02:29:42 PM) (Source: WMPNetworkSvc) (EventID: 14324) (User: ) Description: WMPNetworkSvc0x8007007e Error: (02/19/2015 02:29:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2147221164 Error: (02/19/2015 02:29:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%-2147221164 Error: (02/19/2015 02:29:39 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "dashboardtxview64.exe" wurde nicht richtig gestartet. Error: (02/19/2015 02:27:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "DriverLINX Port I/O Driver" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Microsoft Office Sessions: ========================= Error: (02/19/2015 02:55:44 PM) (Source: VSS) (EventID: 8193) (User: ) Description: CoCreateInstance0x80040154, Klasse nicht registriert Vorgang: Für die Sicherung initialisieren Error: (02/19/2015 02:55:44 PM) (Source: VSS) (EventID: 22) (User: ) Description: {f5078f32-c551-11d3-89b9-0000f81fe221}MSXML300x80040154, Klasse nicht registriert Vorgang: Für die Sicherung initialisieren Error: (02/19/2015 02:29:07 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/19/2015 02:28:13 PM) (Source: SignInAssistant) (EventID: 0) (User: ) Description: InitializeSvcAPI failed with hr = 0x80040154 Error: (02/19/2015 02:27:34 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcUnregistering VAD endpoint [0] Error: (02/19/2015 02:27:31 PM) (Source: NvStreamSvc) 
(EventID: 1) (User: ) Description: NvStreamSvcNvVAD endpoint registered successfully [0] Error: (02/19/2015 01:10:14 PM) (Source: VSS) (EventID: 8193) (User: ) Description: CoCreateInstance0x80040154, Klasse nicht registriert Vorgang: Für die Sicherung initialisieren Error: (02/19/2015 01:10:14 PM) (Source: VSS) (EventID: 22) (User: ) Description: {f5078f32-c551-11d3-89b9-0000f81fe221}MSXML300x80040154, Klasse nicht registriert Vorgang: Für die Sicherung initialisieren CodeIntegrity Errors: =================================== Date: 2015-02-18 23:05:46.082 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-02-18 23:05:46.061 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-02-09 14:33:54.015 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2015-02-09 14:33:53.992 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-10 15:52:51.094 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\ Malwarebytes Anti-Malware \mbampt.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-10 15:52:51.062 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\ Malwarebytes Anti-Malware \mbampt.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3740QM CPU @ 2.70GHz
Percentage of memory in use: 26%
Total physical RAM: 12170.31 MB
Available physical RAM: 8994.98 MB
Total Pagefile: 24338.8 MB
Available Pagefile: 20800.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:494.55 GB) (Free:203.78 GB) NTFS
Drive d: (DATAPART1) (Fixed) (Total:29.81 GB) (Free:28.38 GB) NTFS
Drive f: (Musik) (Fixed) (Total:195.31 GB) (Free:76.78 GB) NTFS
Drive h: (RCT3_WILD) (CDROM) (Total:0.64 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 698.6 GB) (Disk ID: B55A8670)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=8.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=494.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=195.3 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 29.8 GB) (Disk ID: B55ABA8A)
Partition 1: (Not Active) - (Size=29.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================ |
19.02.2015, 15:00 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Okay, then control scans with MBAM and ESET, please: Please download Malwarebytes Anti-Malware
ESET Online Scanner
__________________ Please always post log files in CODE tags |
19.02.2015, 20:14 | #15 |
| Malware: protection log Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Protection, 19.02.2015 10:38:48, SYSTEM, ALIENWAREGAMING, Protection, Malware Protection, Starting,
Protection, 19.02.2015 10:38:48, SYSTEM, ALIENWAREGAMING, Protection, Malware Protection, Started,
Protection, 19.02.2015 10:38:48, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Starting,
Protection, 19.02.2015 10:40:28, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Started,
Update, 19.02.2015 12:45:49, SYSTEM, ALIENWAREGAMING, Scheduler, Failed, Unable to access update server,
Detection, 19.02.2015 12:47:41, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.228, adrotator.se, 50809, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 12:47:41, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.228, adrotator.se, 50809, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 12:47:41, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.228, adrotator.se, 50812, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 12:47:59, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.228, adrotator.se, 50928, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 12:48:06, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.228, adrotator.se, 50976, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 12:48:23, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.228, adrotator.se, 51013, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 12:48:30, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.228, adrotator.se, 51042, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 12:48:51, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.228, adrotator.se, 51095, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 12:48:58, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.228, adrotator.se, 51120, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 12:49:17, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.228, adrotator.se, 51161, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 12:49:52, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.228, adrotator.se, 51215, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Protection, 19.02.2015 12:50:28, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Stopping,
Protection, 19.02.2015 12:50:29, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Stopped,
Protection, 19.02.2015 12:50:29, SYSTEM, ALIENWAREGAMING, Protection, Malware Protection, Stopping,
Protection, 19.02.2015 12:50:30, SYSTEM, ALIENWAREGAMING, Protection, Malware Protection, Stopped,
Protection, 19.02.2015 12:53:39, SYSTEM, ALIENWAREGAMING, Protection, Malware Protection, Starting,
Protection, 19.02.2015 12:53:39, SYSTEM, ALIENWAREGAMING, Protection, Malware Protection, Started,
Protection, 19.02.2015 12:53:39, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Starting,
Protection, 19.02.2015 12:55:21, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Started,
Protection, 19.02.2015 13:11:57, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Stopping,
Protection, 19.02.2015 13:11:57, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Stopped,
Protection, 19.02.2015 13:11:57, SYSTEM, ALIENWAREGAMING, Protection, Malware Protection, Stopping,
Protection, 19.02.2015 13:11:57, SYSTEM, ALIENWAREGAMING, Protection, Malware Protection, Stopped,
Protection, 19.02.2015 14:27:35, SYSTEM, ALIENWAREGAMING, Protection, Malware Protection, Starting,
Protection, 19.02.2015 14:27:35, SYSTEM, ALIENWAREGAMING, Protection, Malware Protection, Started,
Protection, 19.02.2015 14:27:35, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Starting,
Protection, 19.02.2015 14:29:40, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Started,
Detection, 19.02.2015 14:30:58, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.229, adrotator.se, 49800, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 14:30:58, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.229, adrotator.se, 49800, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 14:30:58, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.229, adrotator.se, 49801, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 14:31:09, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.229, adrotator.se, 50046, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 14:31:24, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.229, adrotator.se, 50090, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 14:49:01, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.228, adrotator.se, 51255, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 14:49:01, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.228, adrotator.se, 51255, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 14:49:06, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 5.150.195.169, adrotator.se, 51273, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 14:49:06, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 5.150.195.169, adrotator.se, 51273, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 14:51:43, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 5.150.195.169, adrotator.se, 51500, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Protection, 19.02.2015 14:54:59, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Stopping,
Protection, 19.02.2015 14:54:59, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Stopped,
Protection, 19.02.2015 14:54:59, SYSTEM, ALIENWAREGAMING, Protection, Malware Protection, Stopping,
Protection, 19.02.2015 14:54:59, SYSTEM, ALIENWAREGAMING, Protection, Malware Protection, Stopped,
Protection, 19.02.2015 15:03:07, SYSTEM, ALIENWAREGAMING, Protection, Malware Protection, Starting,
Protection, 19.02.2015 15:03:07, SYSTEM, ALIENWAREGAMING, Protection, Malware Protection, Started,
Protection, 19.02.2015 15:03:07, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Starting,
Protection, 19.02.2015 15:03:07, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Started,
Update, 19.02.2015 15:03:21, SYSTEM, ALIENWAREGAMING, Manual, Malware Database, 2015.2.18.9, 2015.2.19.5,
Protection, 19.02.2015 15:03:21, SYSTEM, ALIENWAREGAMING, Protection, Refresh, Starting,
Protection, 19.02.2015 15:03:21, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Stopping,
Protection, 19.02.2015 15:03:21, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Stopped,
Protection, 19.02.2015 15:03:25, SYSTEM, ALIENWAREGAMING, Protection, Refresh, Success,
Protection, 19.02.2015 15:03:25, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Starting,
Protection, 19.02.2015 15:03:25, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Started,
Detection, 19.02.2015 15:06:00, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.229, adrotator.se, 52593, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 15:06:00, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.229, adrotator.se, 52593, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 15:06:01, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.229, adrotator.se, 52595, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 15:06:16, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.229, adrotator.se, 52646, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Detection, 19.02.2015 15:06:25, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, IP, 80.252.188.229, adrotator.se, 52670, Outbound, C:\Program Files (x86)\Opera\27.0.1689.69_0\opera.exe,
Scan, 19.02.2015 15:14:12, SYSTEM, ALIENWAREGAMING, Manual, Start: % 1 "% 2", Dauer: % 1 min 10 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 0-Malwareerkennung,
Protection, 19.02.2015 15:14:41, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Stopping,
Protection, 19.02.2015 15:14:41, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Stopped,
Protection, 19.02.2015 15:14:41, SYSTEM, ALIENWAREGAMING, Protection, Malware Protection, Stopping,
Protection, 19.02.2015 15:14:42, SYSTEM, ALIENWAREGAMING, Protection, Malware Protection, Stopped,
Protection, 19.02.2015 20:12:44, SYSTEM, ALIENWAREGAMING, Protection, Malware Protection, Starting,
Protection, 19.02.2015 20:12:44, SYSTEM, ALIENWAREGAMING, Protection, Malware Protection, Started,
Protection, 19.02.2015 
20:12:48, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Starting, Protection, 19.02.2015 20:12:48, SYSTEM, ALIENWAREGAMING, Protection, Malicious Website Protection, Started, (end) ESET: Code:
|