| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Gruppenrichtlinien blockieren Programme und NeuinstallationenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
| |
20.03.2015, 17:47
| #1 |
| |  Gruppenrichtlinien blockieren Programme und Neuinstallationen Hallo zusammen, auf meinem Notebook habe ich seit einigen Tagen das nervige Problem, dass mir die Gruppenrichtlinen das Leben schwer machen. Es können keine neuen Programme installiert werden und auch Antivir führt keinen Scan durch sondern weisst auf die Gruppenrichtlinien hin. Ich verwende ein Notebook mit Windows 7 Pro 64bit. Malwarebytes und auch Chameleon lässt sich nicht installieren. Bereits installierte Programme und Spiele lassen sich starten. FRST Log anbei... Schon mal vorab vielen Dank für die Mühe... Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Bialata at 2015-03-20 18:29:10
Running from C:\Users\***.***\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
8500A909_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2369186716-1750149603-3556569294-1627\...\Akamai) (Version: - Akamai Technologies, Inc)
Any Video Converter 5.7.3 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AutoCAD Mechanical 2014 - Deutsch (German) (Version: 18.0.17.0 - Autodesk) Hidden
AutoCAD Mechanical 2014 Language Pack - Deutsch (German) (Version: 18.0.17.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 3.0.159.0 - Autodesk)
Autodesk AutoCAD Mechanical 2014 - Deutsch (German) (HKLM\...\AutoCAD Mechanical 2014 - Deutsch (German)) (Version: 18.0.17.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Download Manager (HKLM-x32\...\{C897D9EC-13C6-4A22-ABF7-33F2126A7DB6}) (Version: 3.0.8.0 - Autodesk, Inc.)
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Simulation Moldflow Adviser 2014 (HKLM\...\Autodesk Simulation Moldflow Adviser 2014) (Version: 14.2.13293.395 - Autodesk)
Autodesk Simulation Moldflow Adviser 2014 (Version: 14.2.13293.395 - Autodesk) Hidden
Autodesk Simulation Moldflow Adviser 2014 ASMA-SP2-64bit (HKLM\...\Autodesk Simulation Moldflow Adviser 2014 ASMA-SP2-64bit ) (Version: 14.2.13293.395 - Autodesk)
Autodesk Simulation Moldflow Adviser 2014 English Language Pack (Version: 14.0.13095.314 - Autodesk) Hidden
Autodesk Simulation Moldflow Adviser 2015 (HKLM\...\Autodesk Simulation Moldflow Adviser 2015) (Version: 15.2.14374.768 - Autodesk)
Autodesk Simulation Moldflow Adviser 2015 (Version: 15.2.14374.768 - Autodesk) Hidden
Autodesk Simulation Moldflow Adviser 2015 English Language Pack (Version: 15.1.14201.749 - Autodesk) Hidden
Autodesk Simulation Moldflow Adviser 2015 SP2-64bit (HKLM\...\Autodesk Simulation Moldflow Adviser 2015 SP2-64bit ) (Version: 15.2.14374.768 - Autodesk)
Autodesk Simulation Moldflow Communicator 2014 (HKLM\...\Autodesk Simulation Moldflow Communicator 2014) (Version: 14.2.13293.395 - Autodesk)
Autodesk Simulation Moldflow Communicator 2014 (Version: 14.2.13293.395 - Autodesk) Hidden
Autodesk Simulation Moldflow Communicator 2014 ASMC-SP2-64bit (HKLM\...\Autodesk Simulation Moldflow Communicator 2014 ASMC-SP2-64bit ) (Version: 14.2.13293.395 - Autodesk)
Autodesk Simulation Moldflow Communicator 2014 English Language Pack (HKLM\...\{753C779D-0564-2014-0001-8FF1C120CB5E}) (Version: 14.0.13095.314 - Autodesk)
Avira (HKLM-x32\...\{9bd9b85e-7792-483b-a318-cc51ff0877ed}) (Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BPD_DSWizards (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Broadcom NetLink Controller (HKLM\...\{7FBA83D7-D58E-4B70-9B9B-12E95B183B22}) (Version: 16.6.1.3 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.120 - Broadcom Corporation)
BufferChm (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Camera Window (x32 Version: 4.0.1 - Canon) Hidden
Canon Camera WIA Driver (x32 Version: 5.0.3 - Canon) Hidden
Canon Camera Window for ZoomBrowser EX (HKLM-x32\...\InstallShield_{2D6BDF3A-6BDB-4169-909F-E882F23AB795}) (Version: 4.0.1 - Canon)
Canon MV650i WIA-Treiber (HKLM-x32\...\InstallShield_{D68C0E11-A4F1-47C5-B6FA-9382716F6B31}) (Version: 5.0.3 - Canon)
Canon PhotoRecord (HKLM-x32\...\PhotoRecord) (Version: - )
Canon Utilities PhotoStitch 3.1 (HKLM-x32\...\InstallShield_{A3E0FF15-90D5-40CD-8565-B80A433B0D4C}) (Version: 3.1.8 - Canon)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}) (Version: 04.00.0200 - CISRA)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.31 - Cliqz.com)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-2369186716-1750149603-3556569294-1627\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.4020 - CyberLink Corp.)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.4.0.0377 - Disc Soft Ltd)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 140.0.65.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 140.0.100.000 - Hewlett-Packard) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
ETDWare PS/2-X64 11.6.19.204_WHQL (HKLM\...\Elantech) (Version: 11.6.19.204 - ELAN Microelectronic Corp.)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
Fax (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Freeciv 2.4.2 (GTK+2 client) (HKLM-x32\...\Freeciv-2.4.2-gtk2) (Version: - )
GO-Global Client (HKLM-x32\...\{4EE4B3B1-39EC-42DB-9693-14EA20C0C48F}) (Version: 4.5.0.13211 - GraphOn Corporation)
GPBaseService2 (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet Pro 8500 A909 Series (HKLM\...\{F86D9734-D358-4C5B-BC2B-6D90557FF05B}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPProductAssistant (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
InLoox PM (HKLM-x32\...\InLoox PM) (Version: 7.6.4 - InLoox)
InLoox PM (x32 Version: 7.6.4 - InLoox) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3071 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.0.1428.1) (HKLM\...\{302600C1-6BDF-4FD1-1406-148929CC1385}) (Version: 17.1.1406.0472 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
LPT System Updater Service (HKLM-x32\...\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}) (Version: 1.0.0.0 - LPT) <==== ATTENTION
MarketResearch (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Medal of Honor Allied Assault (HKLM-x32\...\{0DEA94ED-915A-4834-A87E-388D012C8E02}) (Version: - )
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MPC-HC 1.7.7 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.7 - MPC-HC Team)
MPM (HKLM-x32\...\{8AEA6737-8AF3-47BB-95CE-AAB62BE68985}) (Version: 1.00.0000 - Hewlett-Packard)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
PhotoStitch (x32 Version: 3.1.8 - Canon) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.39 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.28130 - Realtek Semiconductor Corp.)
Return to Castle Wolfenstein (HKLM-x32\...\Return to Castle Wolfenstein) (Version: 1.0 - Activision, Inc.)
Scan (x32 Version: 140.0.167.000 - Hewlett-Packard) Hidden
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Sid Meier's Civilization: Beyond Earth Update v1.0.1.607 (HKLM-x32\...\U2lkTWVpZXJzQ2l2aWxpemF0aW9uQmV5b25kRWFydGg=_is1) (Version: 1 - )
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Sophos SSL VPN Client 2.1 (HKLM-x32\...\Sophos SSL VPN Client) (Version: 2.1 - )
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold Crusader 2 (HKLM-x32\...\Stronghold Crusader 2_is1) (Version: 1.0 - ENiGMA)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.)
Video Grabber (HKLM-x32\...\{65C3253A-E984-4769-BC33-CBC8F059C408}) (Version: 1.00.0000 - dexatek)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebReg (x32 Version: 140.0.213.017 - Hewlett-Packard) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.11 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Zarafa Outlook Client 7.1.10.44973 (HKLM-x32\...\{EF8A756A-CB42-4BDD-B470-2435C6D0E026}) (Version: 7.1.44973 - Zarafa)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled.
Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
==================== Loaded Modules (whitelisted) ==============
2015-02-06 05:48 - 2015-01-10 09:07 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-02-04 23:21 - 2013-02-04 23:21 - 00056352 _____ () C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll
2013-02-04 23:21 - 2013-02-04 23:21 - 00937504 _____ () C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll
2013-02-04 23:21 - 2013-02-04 23:21 - 00124448 _____ () C:\Program Files\Autodesk\Autodesk Sync\QJson.dll
2013-02-04 23:21 - 2013-02-04 23:21 - 00045088 _____ () C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll
2014-08-28 13:16 - 2014-08-28 13:16 - 00480992 _____ () C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2369186716-1750149603-3556569294-1627\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 61.177.7.1 - 221.228.255.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: Avira.OE.ServiceHost => 2
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Avira Systray => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
==================== Accounts: =============================
Administrator (S-1-5-21-3778032037-393505111-1495073008-500 - Administrator - Enabled)
Gast (S-1-5-21-3778032037-393505111-1495073008-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
Name: sptd
Description: sptd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: sptd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/20/2015 06:00:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/20/2015 05:58:44 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (03/20/2015 05:58:44 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (03/20/2015 05:58:44 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (03/20/2015 05:56:36 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (03/20/2015 05:56:36 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (03/20/2015 05:56:36 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (03/20/2015 05:55:26 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (03/20/2015 05:55:26 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (03/20/2015 05:55:26 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
System errors:
=============
Error: (03/20/2015 06:28:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Bluetooth Device Monitor" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/20/2015 06:28:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bluetooth Device Monitor erreicht.
Error: (03/20/2015 06:28:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Bluetooth Device Monitor" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/20/2015 06:28:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bluetooth Device Monitor erreicht.
Error: (03/20/2015 06:16:40 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: BUKBN)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.
Error: (03/20/2015 06:16:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Bluetooth OBEX Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/20/2015 06:16:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bluetooth OBEX Service erreicht.
Error: (03/20/2015 06:16:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Bluetooth Device Monitor" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/20/2015 06:16:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bluetooth Device Monitor erreicht.
Error: (03/20/2015 06:00:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Bluetooth OBEX Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (03/20/2015 06:00:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/20/2015 05:58:44 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (03/20/2015 05:58:44 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (03/20/2015 05:58:44 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (03/20/2015 05:56:36 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (03/20/2015 05:56:36 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (03/20/2015 05:56:36 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (03/20/2015 05:55:26 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (03/20/2015 05:55:26 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (03/20/2015 05:55:26 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 31%
Total physical RAM: 8072.36 MB
Available physical RAM: 5562.07 MB
Total Pagefile: 16142.9 MB
Available Pagefile: 13495.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:97.97 GB) (Free:19.33 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Volume) (Fixed) (Total:140.41 GB) (Free:16.01 GB) NTFS
Drive f: (Lords III) (CDROM) (Total:0.57 GB) (Free:0 GB) CDFS
Drive h: () (Removable) (Total:3.78 GB) (Free:3.69 GB) FAT32
==================== MBR & Partition Table ==================
==================== End Of Log ============================
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Bialata (ATTENTION: The logged in user is not administrator) on BUK-PB on 20-03-2015 18:28:49
Running from C:\Users\***.BUKBN\Desktop
Loaded Profiles: *** (Available profiles: *** & DefaultAppPool)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> lsm.exe
Failed to access process -> svchost.exe
Failed to access process -> nvvsvc.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> WLTRYSVC.EXE
Failed to access process -> BCMWLTRY.EXE
Failed to access process -> spoolsv.exe
Failed to access process -> sched.exe
Failed to access process -> svchost.exe
Failed to access process -> AdAppMgrSvc.exe
Failed to access process -> armsvc.exe
Failed to access process -> amajm.exe
Failed to access process -> amajm.exe
Failed to access process -> avguard.exe
Failed to access process -> svchost.exe
Failed to access process -> AppleMobileDeviceService.exe
Failed to access process -> Connect.Service.ContentService.exe
Failed to access process -> mDNSResponder.exe
Failed to access process -> GfExperienceService.exe
Failed to access process -> UpdateService.exe
Failed to access process -> svchost.exe
Failed to access process -> RIconMan.exe
Failed to access process -> inetinfo.exe
Failed to access process -> HeciServer.exe
Failed to access process -> mqsvc.exe
Failed to access process -> svchost.exe
Failed to access process -> NvNetworkService.exe
Failed to access process -> nvstreamsvc.exe
Failed to access process -> openvpnserv.exe
Failed to access process -> svchost.exe
Failed to access process -> RichVideo.exe
Failed to access process -> svchost.exe
Failed to access process -> TeamViewer_Service.exe
Failed to access process -> svchost.exe
Failed to access process -> WLIDSVC.EXE
Failed to access process -> ZarafaUpdaterService.exe
Failed to access process -> mqtgsvc.exe
Failed to access process -> WLIDSVCM.EXE
Failed to access process -> nvstreamsvc.exe
Failed to access process -> conhost.exe
Failed to access process -> avshadow.exe
Failed to access process -> SearchIndexer.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> WUDFHost.exe
Failed to access process -> iPodService.exe
Failed to access process -> svchost.exe
Failed to access process -> IAStorDataMgrSvc.exe
Failed to access process -> Jhi_service.exe
Failed to access process -> LMS.exe
Failed to access process -> csrss.exe
Failed to access process -> winlogon.exe
Failed to access process -> nvxdsync.exe
Failed to access process -> nvvsvc.exe
Failed to access process -> nvstreamsvc.exe
Failed to access process -> conhost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
Failed to access process -> tv_w32.exe
Failed to access process -> tv_x64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Akamai Technologies, Inc.) C:\Users\***.BUKBN\AppData\Local\Akamai\netsession_win.exe
(Valve Corporation) E:\Software\Steam\Steam.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Akamai Technologies, Inc.) C:\Users\***.BUKBN\AppData\Local\Akamai\netsession_win.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) E:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Autodesk Inc.) C:\Users\***.BUKBN\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Valve Corporation) E:\Software\Steam\bin\steamwebhelper.exe
Failed to access process -> SteamService.exe
Failed to access process -> wmpnetwk.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> SearchProtocolHost.exe
Failed to access process -> SearchFilterHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876304 2013-01-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [7138816 2014-10-21] (Broadcom Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508144 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-08-25] (Intel Corporation)
HKLM-x32\...\Run: [Zarafa auto-updater launcher] => C:\Program Files (x86)\Zarafa\Zarafa Outlook Client\ZarafaLaunchUpdater.exe [73816 2014-05-23] ()
HKLM-x32\...\Run: [InLooxRegisterAddin] => C:\Program Files (x86)\InLoox\InLoox PMRegisterAddin.exe "register_local"
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2014-02-05] (Autodesk, Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-09-04] (Autodesk Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [UpdatePDRShortCut] => e:\Program Files (x86)\CyberLink\PowerDirector\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [iTunesHelper] => E:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [openvpn-gui] => C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe [480992 2014-08-28] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HIDESCAHEALTH] 1
HKU\S-1-5-21-2369186716-1750149603-3556569294-1627\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30878816 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2369186716-1750149603-3556569294-1627\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-2369186716-1750149603-3556569294-1627\...\Run: [Akamai NetSession Interface] => C:\Users\***.BUKBN\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2369186716-1750149603-3556569294-1627\...\Run: [DAEMON Tools Pro Agent] => E:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3125280 2013-10-17] (Disc Soft Ltd)
HKU\S-1-5-21-2369186716-1750149603-3556569294-1627\...\Run: [Steam] => E:\Software\Steam\steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-2369186716-1750149603-3556569294-1627\...\Policies\Explorer: []
HKU\S-1-5-21-2369186716-1750149603-3556569294-1627\...\MountPoints2: {abb1bf7e-a540-11e4-8ad0-b0104113f6bc} - F:\Autorun.exe
HKU\S-1-5-21-2369186716-1750149603-3556569294-1627\...\MountPoints2: {abb1bf83-a540-11e4-8ad0-b0104113f6bc} - G:\starter.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177624 2015-01-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164568 2015-01-10] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2369186716-1750149603-3556569294-1627\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpXtbiEXtRrG4dUOK2IIYan2FD-QwaJxj8SoOXJ9qV1f50mhNeCMfqWNg-bsFXCHpKO_21prLEhLrr6nzrsASZYUX-op3crMwWXLibaC-PEDz3hU9ocwt5N7jgXGPq1XYQnPLjhQ3mrounAdB3yxKgXzqiojWOInsII,
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpXtbiEXtRrG4dUOK2IIYan2FD-QwaJxj8SoOXJ9qV1f50mhNeCMfqWNg-bsFXCHpKO_21prLEhLrr6rtFD3LsUjR6ElB4d2dp2mCSmn3bAnGloKr4vRDhwkdJznQmy1X0UwioM0uuZOqhPU2y3_NDaRQhM2ipYnyxU,&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpXtbiEXtRrG4dUOK2IIYan2FD-QwaJxj8SoOXJ9qV1f50mhNeCMfqWNg-bsFXCHpKO_21prLEhLrr6rtFD3LsUjR6ElB4d2dp2mCSmn3bAnGloKr4vRDhwkdJznQmy1X0UwioM0uuZOqhPU2y3_NDaRQhM2ipYnyxU,&q={searchTerms}
HKU\S-1-5-21-2369186716-1750149603-3556569294-1627\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpXtbiEXtRrG4dUOK2IIYan2FD-QwaJxj8SoOXJ9qV1f50mhNeCMfqWNg-bsFXCHpKO_21prLEhLrr6rtFD3LsUjR6ElB4d2dp2mCSmn3bAnGloKr4vRDhwkdJznQmy1X0UwioM0uuZOrbUoGr7BkyWGKVOVCdylIYU,&q={searchTerms}
HKU\S-1-5-21-2369186716-1750149603-3556569294-1627\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpXtbiEXtRrG4dUOK2IIYan2FD-QwaJxj8SoOXJ9qV1f50mhNeCMfqWNg-bsFXCHpKO_21prLEhLrr6nzrsASZYUX-op3crMwWXLibaC-PEDz3hU9ocwt5N7jgXGPq1XYQnPLjhQ3mrovRRPfCozUhefJfR9NijkRFg,
HKU\S-1-5-21-2369186716-1750149603-3556569294-1627\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-2369186716-1750149603-3556569294-1627\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpXtbiEXtRrG4dUOK2IIYan2FD-QwaJxj8SoOXJ9qV1f50mhNeCMfqWNg-bsFXCHpKO_21prLEhLrr6rtFD3LsUjR6ElB4d2dp2mCSmn3bAnGloKr4vRDhwkdJznQmy1X0UwioM0uuZOrbUoGr7BkyWGKVOVCdylIYU,&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\S-1-5-21-2369186716-1750149603-3556569294-1627 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpXtbiEXtRrG4dUOK2IIYan2FD-QwaJxj8SoOXJ9qV1f50mhNeCMfqWNg-bsFXCHpKO_21prLEhLrr6rtFD3LsUjR6ElB4d2dp2mCSmn3bAnGloKr4vRDhwkdJznQmy1X0UwioM0uuZOrbUoGr7BkyWGKVOVCdylIYU,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2369186716-1750149603-3556569294-1627 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpXtbiEXtRrG4dUOK2IIYan2FD-QwaJxj8SoOXJ9qV1f50mhNeCMfqWNg-bsFXCHpKO_21prLEhLrr6rtFD3LsUjR6ElB4d2dp2mCSmn3bAnGloKr4vRDhwkdJznQmy1X0UwioM0uuZOrbUoGr7BkyWGKVOVCdylIYU,&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2010-05-28] (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-05] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-05] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2010-05-28] (Hewlett-Packard Co.)
Toolbar: HKLM - SafeFinder Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
Toolbar: HKLM-x32 - SafeFinder Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
DPF: HKLM-x32 {1241F20B-0688-45A5-ADB2-208AFE4A5DDC}
Tcpip\Parameters: [DhcpNameServer] 61.177.7.1 221.228.255.1
FireFox:
========
FF ProfilePath: C:\Users\***.BUKBN\AppData\Roaming\Mozilla\Firefox\Profiles\xk084eot.default
FF SelectedSearchEngine: SafeFinder Search
FF Homepage: about:home
FF Keyword.URL: hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpXtbiEXtRrG4dUOK2IIYan2FD-QwaJxj8SoOXJ9qV1f50mhNeCMfqWNg-bsFXCHpKO_21prLEhLrr6rtFD3LsUjR6ElB4d2dp2mCSmn3bAnGloKr4vRDhwkdJznQmy1X0UwioM0uuZOqhPU2y3_NDaRQhM2ipYnyxU,&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-11] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll [2009-08-17] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\***.BUKBN\AppData\Roaming\Mozilla\Firefox\Profiles\xk084eot.default\searchplugins\google-images.xml [2014-12-05]
FF SearchPlugin: C:\Users\***.BUKBN\AppData\Roaming\Mozilla\Firefox\Profiles\xk084eot.default\searchplugins\google-maps.xml [2014-12-05]
FF SearchPlugin: C:\Users\***.BUKBN\AppData\Roaming\Mozilla\Firefox\Profiles\xk084eot.default\searchplugins\SafeFinder Search.xml [2015-02-17]
FF Extension: Avira Browser Safety - C:\Users\***.BUKBN\AppData\Roaming\Mozilla\Firefox\Profiles\xk084eot.default\Extensions\abs@avira.com [2015-03-09]
FF HKLM-x32\...\Firefox\Extensions: [support@graphon.com] - C:\Program Files (x86)\GraphOn\GO-Global\Plugin\gg-nsplugin_ff3.windows
FF Extension: GraphOn GO-Global - C:\Program Files (x86)\GraphOn\GO-Global\Plugin\gg-nsplugin_ff3.windows [2014-10-21]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-10-24]
FF HKU\S-1-5-21-2369186716-1750149603-3556569294-1627\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-2369186716-1750149603-3556569294-1627\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\***.BUKBN\AppData\Roaming\Mozilla\Firefox\Profiles\xk084eot.default\extensions\cliqz@cliqz.com
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 amajm2014; C:\Program Files\Autodesk\Simulation Moldflow Adviser 2014\bin\amajm.exe [968480 2013-07-17] (Autodesk, Inc.)
R2 amajm2015; C:\Program Files\Autodesk\Simulation Moldflow Adviser 2015\bin\amajm.exe [975104 2014-05-12] (Autodesk, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-20] (Avira Operations GmbH & Co. KG)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
S4 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 GGUpdateClient; C:\Program Files (x86)\GraphOn\GO-Global\Client\UpdateService.exe [246392 2012-08-22] (GraphOn Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-14] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-21] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [81024 2014-08-28] (The OpenVPN Project)
R2 OpenVPNServiceInteractive; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [81024 2014-08-28] (The OpenVPN Project)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [247152 2008-12-31] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5824512 2014-10-21] (Broadcom Corporation) [File not signed]
R2 ZarafaUpdaterService.exe; C:\Program Files (x86)\Zarafa\Zarafa Outlook Client\ZarafaUpdaterService.exe [1973848 2014-05-23] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AF9035HB; C:\Windows\System32\Drivers\AF9035HB.sys [907904 2010-05-15] (ITE Technologies )
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-09-24] (Avira Operations GmbH & Co. KG)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-26] (Disc Soft Ltd)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-14] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-01-26] (Duplex Secure Ltd.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== Files in the root of some directories =======
2014-11-08 11:46 - 2015-01-23 14:40 - 0009090 _____ () C:\Users\***.BUKBN\AppData\Roaming\.freeciv-client-rc-2.4
2014-10-21 14:58 - 2015-03-20 18:16 - 0023100 _____ () C:\Users\***.BUKBN\AppData\Roaming\ZarafaLaunchUpdater.log
2014-10-20 13:44 - 2014-10-20 13:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-24 09:32 - 2014-10-24 10:03 - 0000437 _____ () C:\ProgramData\hpzinstall.log
2014-10-22 10:04 - 2014-10-22 10:04 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-10-21 14:58 - 2015-03-20 18:17 - 0053276 _____ () C:\ProgramData\ZarafaUpdaterService.log
Some content of TEMP:
====================
C:\Users\***.BUKBN\AppData\Local\Temp\avgnt.exe
C:\Users\***.BUKBN\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\***.BUKBN\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Geändert von balu1980 (20.03.2015 um 18:41 Uhr) |
| Themen zu Gruppenrichtlinien blockieren Programme und Neuinstallationen |
| administrator, adobe, akamai, antivir, avira, browser, canon, defender, desktop, explorer, firefox, geforce, home, homepage, mozilla, nvidia, officejet, opera, problem, realtek, registry, rundll, scan, software, system, usb, windows |
Baum-Darstellung