|
Plagegeister aller Art und deren Bekämpfung: rdsrv.com?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
24.03.2015, 20:42 | #1 |
| rdsrv.com? Hallo und HILFE! Ich habe anscheinend das o.g. Problem. FRST bringt das hier: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015 Ran by Willi (administrator) on WILLI-PC on 24-03-2015 20:34:36 Running from C:\Users\Willi\Music\Musik 2015\2015-03 Promos Loaded Profiles: Willi (Available profiles: Willi) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (REINER SCT) C:\Windows\System32\cjpcsc.exe (shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe () C:\Users\Willi\AppData\Local\Amazon Music\Amazon Music Helper.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_16_0_0_305_ActiveX.exe (Microsoft Corporation) C:\Users\Willi\Music\Musik 2015\2015-03 Promos\Windows-KB890830-V5.22.exe (Microsoft Corporation) C:\1813b2226e358b7858\mrtstub.exe (Microsoft Corporation) C:\Windows\System32\MRT.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-06] (Advanced Micro Devices, Inc.) HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8555040 2010-04-06] (Realtek Semiconductor) HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.) HKLM\...\Run: [FreePDF Assistant] => C:\Program Files\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation) HKLM\...\Run: [TrayServer] => C:\Program Files\MAGIX\Video_deluxe_17\TrayServer.exe [90112 2008-08-07] (MAGIX AG) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM\...\Run: [] => [X] HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\Run: [{603380FE-28B7-4EFA-A9B9-A94C1D46A6EA}] => "C:\Users\Willi\AppData\Local\Temp\Temp1_MixedInKey_Version5_(794).zip\MixedInKey_Version5_(794).exe" /cmdloc "HKCU\Software\Mixed In Key LLC AiTemp\{603380FE-28B7-4EFA-A9B9-A94C1D46A6EA}" <===== ATTENTION HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\Run: [] => [X] HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\Run: [Amazon Music] => C:\Users\Willi\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886272 2015-03-02] () HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-07-02] (Google Inc.) HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.ebay.de/ HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001 -> DefaultScope {A37A9341-F37B-42D3-A57F-540A6B7575A8} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7NDKB_deDE543 SearchScopes: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001 -> {A37A9341-F37B-42D3-A57F-540A6B7575A8} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7NDKB_deDE543 BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.) BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.) BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-31] (Oracle Corporation) BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30] (Microsoft Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-31] (Oracle Corporation) BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.) Toolbar: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default FF NewTab: hxxp://www.bing.com/?pc=COSP&ptag=D030115-ABA01A7CCEB2146F8A7F&form=CONMHP&conlogo=CT3330961 FF DefaultSearchEngine: Google Default FF SelectedSearchEngine: Bing FF Homepage: google.com FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=386496&p= FF NetworkProxy: "socks_remote_dns", true FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2013-10-09] (GARMIN Corp.) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-31] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-31] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-04-29] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation) FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-08-03] ( ) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems) FF Plugin HKU\S-1-5-21-2237614562-1304385355-4267408445-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll [2012-10-29] (Amazon.com, Inc.) FF SearchPlugin: C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default\searchplugins\google-default.xml [2015-03-01] FF Extension: FoxyProxy Standard - C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default\Extensions\foxyproxy@eric.h.jung [2015-03-23] FF Extension: Garmin Communicator - C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-07-18] FF Extension: Address Bar Search - C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default\Extensions\{4D6A6C8E-1EB2-46e1-8CAA-40DAFDE3ED93} [2014-10-18] FF Extension: Bitdefender QuickScan - C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2015-03-23] FF Extension: anonymoX - C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default\Extensions\client@anonymox.net.xpi [2013-12-15] FF Extension: Soundcloud.com: Enable downloading for every track - C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default\Extensions\sound@cloud.com.xpi [2011-11-13] FF Extension: NoScript - C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-03-23] FF Extension: Soundcloud SUPER +2: Downloader and Recommender - C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default\Extensions\{988da70d-b78d-44a1-a9c7-ed11832a9e2e}.xpi [2011-11-13] FF Extension: Video DownloadHelper - C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-23] FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-11-15] FF HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] Chrome: ======= CHR Profile: C:\Users\Willi\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-29] CHR Extension: (YouTube) - C:\Users\Willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-03] CHR Extension: (Google Search) - C:\Users\Willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-03] CHR Extension: (Google Wallet) - C:\Users\Willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-07] CHR Extension: (Gmail) - C:\Users\Willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-03] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeActiveFileMonitor10.0; C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated) R2 cjpcsc; C:\Windows\system32\cjpcsc.exe [511920 2011-07-22] (REINER SCT) R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed] S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed] R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed] R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [660992 2009-05-21] (Hewlett-Packard Co.) [File not signed] S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed] R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed] R2 StarMoney 8.0 OnlineUpdate; C:\Program Files\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [11832 2009-07-07] (Advanced Micro Devices Inc.) R1 bizVSerial; C:\Windows\System32\drivers\bizVSerialNT.sys [14949 2007-05-31] (franson.biz) [File not signed] R3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [28144 2011-03-29] (REINER SCT) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-24 20:33 - 2015-03-24 20:34 - 00000000 ____D () C:\FRST 2015-03-24 19:43 - 2015-03-24 19:44 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-03-24 18:43 - 2015-03-24 20:00 - 00000000 ____D () C:\AdwCleaner 2015-03-23 19:24 - 2015-03-24 18:40 - 00000000 ____D () C:\Users\Willi\AppData\Roaming\Enigma Software Group 2015-03-23 19:15 - 2015-03-23 19:15 - 00000000 ____D () C:\Program Files\Enigma Software Group 2015-03-23 19:06 - 2015-03-24 19:01 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2015-03-23 18:47 - 2015-03-23 18:47 - 00000000 ____D () C:\Users\Willi\AppData\Roaming\QuickScan 2015-03-11 16:52 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-03-11 16:52 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-03-11 16:52 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-03-11 16:52 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-03-11 16:52 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-03-11 16:52 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-03-11 16:52 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-03-11 16:52 - 2015-02-20 03:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-03-11 16:52 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-03-11 16:52 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-03-11 16:52 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-03-11 16:52 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-03-11 16:52 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-03-11 16:52 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-03-11 16:52 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-03-11 16:52 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-03-11 16:52 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-03-11 16:52 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-03-11 16:52 - 2015-02-20 02:56 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-03-11 16:52 - 2015-02-20 02:50 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-03-11 16:52 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-03-11 16:52 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-03-11 16:52 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-03-11 16:52 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-03-11 16:52 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-03-11 16:52 - 2015-02-20 02:24 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-03-11 16:52 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-03-11 16:52 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-03-11 16:52 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-03-11 16:52 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-03-11 16:37 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-03-11 16:32 - 2015-02-26 04:11 - 02381312 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-03-11 16:32 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-03-11 16:32 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-03-11 16:21 - 2015-03-06 06:15 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-03-11 16:21 - 2015-03-06 06:15 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-03-11 16:21 - 2015-03-06 06:10 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-03-11 16:21 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-03-11 16:21 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-03-11 16:21 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-03-11 16:21 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-03-11 16:21 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-03-11 16:21 - 2015-03-06 06:10 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-03-11 16:21 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-03-11 16:21 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-03-11 16:21 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-03-11 16:21 - 2015-03-06 06:10 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-03-11 16:21 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-03-11 16:21 - 2015-03-06 06:09 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-03-11 16:21 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-03-11 16:21 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-03-11 16:21 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-03-11 16:21 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2015-03-11 16:20 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-03-11 16:20 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-03-11 16:20 - 2015-02-20 05:13 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-03-11 16:20 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-03-11 16:20 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-03-11 16:19 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-03-11 16:15 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-03-11 16:15 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-03-11 16:15 - 2015-02-03 04:16 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-03-11 16:15 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-03-11 16:15 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-03-11 16:15 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-03-11 16:15 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-03-11 16:15 - 2015-02-03 04:11 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-03-11 16:15 - 2015-02-03 04:11 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2015-03-11 16:15 - 2015-02-03 04:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2015-03-11 16:15 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2015-03-11 16:15 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2015-03-11 16:15 - 2015-02-03 04:11 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2015-03-11 16:15 - 2015-02-03 04:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2015-03-11 16:15 - 2015-02-03 04:11 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2015-03-11 16:15 - 2015-02-03 04:10 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2015-03-11 16:15 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-03-11 16:15 - 2015-02-03 04:00 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2015-03-11 16:15 - 2015-02-03 03:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2015-03-11 16:15 - 2015-01-31 00:56 - 00370488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-03-11 16:15 - 2014-10-31 23:22 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-03-11 16:14 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2015-03-04 21:12 - 2015-03-04 21:12 - 141633571 _____ () C:\Users\Willi\Documents\Leonie Pferde Montagsgruppe.psd 2015-03-03 21:27 - 2015-01-09 03:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll 2015-03-03 21:27 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll 2015-03-03 21:27 - 2015-01-09 03:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll 2015-03-01 14:16 - 2015-02-23 13:03 - 00325944 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll 2015-03-01 14:05 - 2015-03-01 14:05 - 00002280 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2015-03-01 14:05 - 2015-03-01 14:05 - 00001207 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2015-03-01 14:03 - 2015-03-01 14:03 - 00000000 ____D () C:\Program Files\Free Codec Pack 2015-02-28 09:57 - 2015-02-28 09:57 - 00002304 _____ () C:\Users\Willi\Desktop\Mixed In Key 7.lnk 2015-02-28 09:57 - 2015-02-28 09:57 - 00002276 _____ () C:\Users\Willi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mixed In Key 7.lnk 2015-02-26 15:17 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\system32\locale.nls ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-24 20:22 - 2015-02-01 13:01 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-24 20:17 - 2011-11-13 10:14 - 01694153 _____ () C:\Windows\WindowsUpdate.log 2015-03-24 20:14 - 2009-07-14 05:34 - 00018928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-24 20:14 - 2009-07-14 05:34 - 00018928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-24 20:04 - 2013-07-02 17:44 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-24 20:03 - 2013-07-02 17:44 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-03-24 19:54 - 2010-01-26 17:04 - 00127750 _____ () C:\Windows\PFRO.log 2015-03-24 19:54 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-24 19:54 - 2009-07-14 05:39 - 00186688 _____ () C:\Windows\setupact.log 2015-03-24 19:52 - 2012-02-20 19:34 - 00000000 ____D () C:\Users\Willi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ 2015-03-24 19:52 - 2011-11-20 14:37 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft 2015-03-24 19:51 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2015-03-24 19:30 - 2011-11-13 17:12 - 00000000 ____D () C:\Users\Willi\AppData\Local\Adobe 2015-03-24 19:06 - 2013-06-29 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware 2015-03-24 19:06 - 2011-11-13 10:15 - 00000000 ____D () C:\Users\Willi 2015-03-24 19:06 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp 2015-03-24 19:03 - 2014-12-11 09:41 - 00000000 ____D () C:\Windows\system32\appraiser 2015-03-24 19:03 - 2014-05-06 21:34 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-03-24 19:02 - 2013-07-03 17:43 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2015-03-24 19:02 - 2013-06-29 14:11 - 00000000 ____D () C:\Users\Willi\AppData\Roaming\Malwarebytes 2015-03-24 19:02 - 2013-06-29 14:11 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-03-24 19:02 - 2013-06-29 14:11 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware 2015-03-24 19:02 - 2012-05-05 18:39 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-03-24 19:02 - 2011-11-20 14:38 - 00000000 ____D () C:\Users\Willi\AppData\Roaming\DVDVideoSoft 2015-03-24 19:02 - 2011-11-20 14:37 - 00000000 ____D () C:\Users\Willi\Documents\DVDVideoSoft 2015-03-24 19:02 - 2011-11-20 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-03-24 19:01 - 2011-11-20 14:37 - 00000000 ____D () C:\Program Files\DVDVideoSoft 2015-03-24 18:58 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration 2015-03-23 13:43 - 2010-01-26 15:21 - 01593956 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-21 11:05 - 2013-07-02 17:46 - 00002125 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-03-16 19:38 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache 2015-03-14 10:23 - 2011-11-26 13:36 - 00000000 ____D () C:\Users\Willi\Documents\Flo 2015-03-14 10:07 - 2015-01-01 12:20 - 00000000 ____D () C:\Users\Willi\Documents\DJ EÜR 2015 2015-03-13 17:52 - 2009-07-14 05:33 - 00486560 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-03-13 17:49 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE 2015-03-11 23:19 - 2013-07-16 22:36 - 00000000 ____D () C:\Windows\system32\MRT 2015-03-11 23:19 - 2010-01-28 14:03 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-03-11 18:48 - 2010-01-26 15:42 - 119837704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-03-07 11:00 - 2014-07-26 10:42 - 00001132 _____ () C:\Users\Willi\Desktop\Amazon Music.lnk 2015-03-04 14:32 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing 2015-03-03 20:00 - 2011-11-27 14:11 - 00000000 ____D () C:\ProgramData\tmp 2015-03-03 14:16 - 2010-01-26 15:37 - 00246920 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-03-01 19:10 - 2011-12-06 19:27 - 00000000 ____D () C:\Users\Willi\AppData\Local\Google 2015-02-28 09:57 - 2015-01-24 11:45 - 00000000 ____D () C:\Users\Willi\AppData\Local\Package Cache 2015-02-28 09:56 - 2015-01-24 11:45 - 00000000 ____D () C:\ProgramData\Package Cache ==================== Files in the root of some directories ======= 2009-05-26 08:26 - 2009-05-26 08:26 - 0097336 _____ (Un4seen Developments) C:\Program Files\bass.dll 2009-05-26 08:26 - 2009-05-26 08:26 - 0013872 _____ (Un4seen Developments) C:\Program Files\basscd.dll 2009-05-26 08:26 - 2009-05-26 08:26 - 0102912 _____ (Albert L Faber) C:\Program Files\CDRip.dll 2009-05-26 08:26 - 2009-05-26 08:26 - 0155136 _____ () C:\Program Files\lame_enc.dll 2009-05-26 08:26 - 2009-05-26 08:26 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Program Files\No23 Recorder.exe 2009-05-26 08:26 - 2009-05-26 08:26 - 0029184 _____ () C:\Program Files\no23xwrapper.dll 2009-05-26 08:26 - 2009-05-26 08:26 - 0015872 _____ () C:\Program Files\ogg.dll 2009-04-09 16:08 - 2009-04-09 16:08 - 0001476 _____ () C:\Program Files\RecConfig.xml 2009-05-26 08:26 - 2009-05-26 08:26 - 0143872 _____ () C:\Program Files\vorbis.dll 2009-05-26 08:26 - 2009-05-26 08:26 - 0064000 _____ () C:\Program Files\vorbisenc.dll 2009-05-26 08:26 - 2009-05-26 08:26 - 0019456 _____ () C:\Program Files\vorbisfile.dll 2014-10-24 13:07 - 2015-01-04 18:48 - 0000078 _____ () C:\Users\Willi\AppData\Roaming\mbam.context.scan 2012-11-14 09:01 - 2012-11-14 09:01 - 0000019 _____ () C:\Users\Willi\AppData\Roaming\mdbu.bin 2011-12-06 21:05 - 2011-12-06 21:05 - 0003584 _____ () C:\Users\Willi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-04-11 17:14 - 2014-04-11 17:14 - 0001468 _____ () C:\Users\Willi\AppData\Local\RecConfig.xml 2011-11-15 19:46 - 2011-11-15 20:29 - 0000773 _____ () C:\ProgramData\hpzinstall.log 2013-02-27 17:12 - 2014-10-13 18:51 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys 2011-11-15 20:50 - 2015-01-24 12:15 - 0000302 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2012-06-02 14:46 - 2012-06-02 14:46 - 0001534 _____ () C:\ProgramData\ss.ini Some content of TEMP: ==================== C:\Users\Willi\AppData\Local\Temp\AskPIP_FF_.exe C:\Users\Willi\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprpwv3p.dll C:\Users\Willi\AppData\Local\Temp\FileSystemView.dll C:\Users\Willi\AppData\Local\Temp\FlashPlayerUpdate.exe C:\Users\Willi\AppData\Local\Temp\FreeAudioConverter.exe C:\Users\Willi\AppData\Local\Temp\FreeYouTubeToMP3Converter.exe C:\Users\Willi\AppData\Local\Temp\IminentSetup.exe C:\Users\Willi\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe C:\Users\Willi\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\Willi\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\Willi\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe C:\Users\Willi\AppData\Local\Temp\jre-8u31-windows-au.exe C:\Users\Willi\AppData\Local\Temp\NOSEventMessages.dll C:\Users\Willi\AppData\Local\Temp\Quarantine.exe C:\Users\Willi\AppData\Local\Temp\readSTILog.dll C:\Users\Willi\AppData\Local\Temp\SpOrder.dll C:\Users\Willi\AppData\Local\Temp\sqlite3.dll C:\Users\Willi\AppData\Local\Temp\tmpFFB2.exe C:\Users\Willi\AppData\Local\Temp\uninst1.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-16 19:06 ==================== End Of Log ============================ Addition.txt das hier... Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015 Ran by Willi at 2015-03-24 20:36:35 Running from C:\Users\Willi\Music\Musik 2015\2015-03 Promos Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden 4500_G510gm_Help (Version: 000.0.439.000 - Hewlett-Packard) Hidden 4500G510gm (Version: 000.0.423.000 - Hewlett-Packard) Hidden 4500G510gm_Software_Min (Version: 000.0.423.000 - Hewlett-Packard) Hidden Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated) Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.) Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Photoshop Elements 10 (HKLM\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.) ALDI Foto Service (HKLM\...\ALDI Foto Service D) (Version: 4.5.9.141 - MAGIX AG) ALDI Nord Foto Manager Free (HKLM\...\ALDI Nord Foto Manager Free D) (Version: 6.0.1.491 - MAGIX AG) Aldi Nord Fotoservice (HKLM\...\Aldi Nord Fotoservice_is1) (Version: - ) ALDI Nord Online Druck Service (HKLM\...\ALDI Nord Online Druck Service D) (Version: 4.5.1.0 - MAGIX AG) Amazon MP3-Downloader 1.0.17 (HKLM\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC) Amazon Music (HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\Amazon Amazon Music) (Version: 3.8.1.754 - Amazon Services LLC) Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ATI Catalyst Install Manager (HKLM\...\{ADF60A14-CFC4-7174-D088-E1CFE6663EF3}) (Version: 3.0.769.0 - ATI Technologies, Inc.) Barbie Pferdeabenteuer - Im Reitercamp (HKLM\...\{40C4952C-D505-477A-AA90-224C2A011FC2}) (Version: 1.00.0000 - Activision) Beatport Downloader (HKLM\...\com.beatport.BeatportDownloader) (Version: 1.4 - Beatport LLC) Beatport Downloader (Version: 1.4 - Beatport LLC) Hidden Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden ccc-core-static (Version: 2010.0406.2133.36843 - Ihr Firmenname) Hidden Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CorelDRAW Essentials 4 - Content (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Draw (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Extra Content (HKLM\...\_{806422F8-8E0A-494A-A369-0F34F1B89160}) (Version: - Corel Corporation) CorelDRAW Essentials 4 - Extra Content (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Filters (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - ICA (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang BR (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang DE (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang EN (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang ES (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang FR (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang IT (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang NL (Version: 4.0 - Uw bedrijfsnaam) Hidden CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 (HKLM\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version: - Corel Corporation) CorelDRAW Essentials 4 (Version: 4.0 - Corel Corporation) Hidden cyberJack Base Components (HKLM\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.9.13 - REINER SCT) CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.) CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.) CyberLink PowerDVD Copy (HKLM\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.) Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden DJ Intro version 1.0.5 (HKLM\...\{36625871-9D4B-4046-A837-677974F51CAC}_is1) (Version: 1.0.5 - Serato Audio Research) DocMgr (Version: 130.0.000.000 - Ihr Firmenname) Hidden DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden Dropbox (HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.) Elements 10 Organizer (Version: 10.0 - Ihr Firmenname) Hidden Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden Firebird SQL Server - MAGIX Edition (HKLM\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG) FormatFactory 3.1.1 (HKLM\...\FormatFactory) (Version: 3.1.1 - Free Time) Free Audio CD to MP3 Converter version 1.3.12.908 (HKLM\...\Free Audio CD to MP3 Converter_is1) (Version: - DVDVideoSoft Ltd.) Free Audio Converter version 5.0.52.1122 (HKLM\...\Free Audio Converter_is1) (Version: 5.0.52.1122 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.55.219 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.55.219 - DVDVideoSoft Ltd.) FreePDF (Remove only) (HKLM\...\FreePDF_XP) (Version: - ) FreeRIP Toolbar v11.1 (HKLM\...\{BFC4E13B-2E9D-4D10-AF85-09993198ABCF}) (Version: 11.1 - Spigot, Inc.) <==== ATTENTION FreeRIP3 3.70 (HKLM\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 3.70 - GreenTree Applications SRL) Garmin Communicator Plugin (HKLM\...\{032A13FF-D26D-4844-9597-7EF698627985}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries) Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.) Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.) GSAK 8.3.0.1 (HKLM\...\GSAK_is1) (Version: - CWE computer services) HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP) HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden iCloud (HKLM\...\{20C6FF70-690B-4DF7-8F5D-269DD3A7FD23}) (Version: 3.0.2.163 - Apple Inc.) iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.) Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden Konz 2012 (HKLM\...\InstallShield_{1D33BCF7-B5B6-4148-B888-9CC2EC208556}) (Version: 1.00.0000 - USM) Konz 2012 (Version: 1.00.0000 - USM) Hidden LEGO Universe (HKLM\...\NetDevil_LEGO_Universe_is1) (Version: - LEGO Software) MAGIX Screenshare (HKLM\...\MAGIX_{4923877D-6A59-485B-9E63-E35664B4F067}) (Version: 4.3.6.1987 - MAGIX AG) MAGIX Screenshare (Version: 4.3.6.1987 - MAGIX AG) Hidden MAGIX Speed burnR (MSI) (HKLM\...\MAGIX_{14E1CEC0-E43B-4158-85F4-73BCB3878B7F}) (Version: 7.0.2.6 - MAGIX AG) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden MAGIX Video deluxe 17 (HKLM\...\MAGIX_{F287AD31-C7A7-48BF-9381-6B8A686AAAD4}) (Version: 10.0.11.0 - MAGIX AG) MAGIX Video deluxe 17 (Version: 10.0.11.0 - MAGIX AG) Hidden Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation) MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden Mashup (HKLM\...\{7743B1B7-C241-4929-AFB3-2336714EA4E1}) (Version: 1.5.931.0 - Mixed In Key LLC) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) MEDION Fotos auf CD & DVD SE Nord (HKLM\...\MEDION Fotos auf CD & DVD SE Nord D) (Version: 8.0.3.4 - MAGIX AG) Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.) Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden Mein CEWE FOTOBUCH (HKLM\...\Mein CEWE FOTOBUCH) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM\...\{91110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation) Mixed in Key (Version: 1.0.199.0 - Mixed In Key LLC) Hidden Mixed In Key 5.0 (HKLM\...\{603380FE-28B7-4EFA-A9B9-A94C1D46A6EA}) (Version: 5.0.794.0 - Mixed In Key LLC) Mixed In Key 7 (HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\{1d5af37f-a69b-476e-a680-26f95d638039}) (Version: 7.0.199.0 - Mixed In Key LLC) MixMeister BPM Analyzer 1.0 (HKLM\...\MixMeister BPM Analyzer_is1) (Version: - MixMeister Technology LLC) Mozilla Firefox 36.0.4 (x86 de) (HKLM\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mp3tag v2.49b (HKLM\...\Mp3tag) (Version: v2.49b - Florian Heidenreich) MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Network (Version: 130.0.374.000 - Hewlett-Packard) Hidden Nokia Connectivity Cable Driver (HKLM\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia) Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.5.34.0 - Nokia) Nokia Suite (Version: 3.5.34.0 - Nokia) Hidden OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden PC Connectivity Solution (HKLM\...\{7390478C-8581-415E-92E9-2997D9306B81}) (Version: 12.0.32.0 - Nokia) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) Pioneer DDJ Driver (HKLM\...\Pioneer DDJ ASIO) (Version: 1.100.000.002 - Pioneer Corporation.) PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) PSE10 STI Installer (Version: 10.0 - Adobe Systems Incorporated) Hidden QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.) RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - ) Rossmann Fotowelt Software 4.13 (HKLM\...\Rossmann Fotowelt Software) (Version: 4.13 - ORWO Net) Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) SmartWebPrinting (Version: 130.0.373.000 - Hewlett-Packard) Hidden SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated) StarMoney (Version: 2.0 - StarFinanz) Hidden StarMoney (Version: 3.0.0.124 - StarFinanz) Hidden StarMoney 8.0 S-Edition (HKLM\...\{FC1C4D90-6FE7-467E-825D-CE38373DE7A7}) (Version: 8.0 - Star Finanz GmbH) Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden Steuer 2011 (HKLM\...\{4785CED6-73B3-45FA-AFE6-EDEDFDE67842}) (Version: 19.00.7304 - Buhl Data Service GmbH) Steuer 2012 (HKLM\...\{01159E8A-44F7-4885-A7F9-872CE4D74063}) (Version: 20.00.8137 - Buhl Data Service GmbH) Steuer 2013 (HKLM\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH) Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VirtualDJ LE (DDJ-ERGO) (HKLM\...\{9D920697-9BEC-4660-9335-292EC6CE8008}) (Version: 7.0.5 - Atomix Productions) WAV To MP3 V2 (HKLM\...\WAV To MP3_is1) (Version: - hxxp://www.WAVMP3.net) WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin) Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live ID-Anmelde-Assistent (HKLM\...\{10A44844-4465-456E-8C97-80BDD4F68845}) (Version: 6.500.3146.0 - Microsoft Corporation) Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia) WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Willi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.) CustomCLSID: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willi\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willi\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willi\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willi\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willi\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willi\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willi\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willi\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 11-03-2015 23:02:38 Windows Update 16-03-2015 18:13:00 Windows Update 21-03-2015 10:38:59 Windows Update 23-03-2015 13:38:20 Windows Update 23-03-2015 18:44:07 Removed FreeRIP Toolbar v11.1. 24-03-2015 18:44:54 Wiederherstellungsvorgang 24-03-2015 19:10:58 Windows Update 24-03-2015 20:05:32 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {00EA8572-8A8C-4F4C-9BFC-EF9324122296} - System32\Tasks\{DD147A51-D068-4BE8-A7B7-43677511BF68} => pcalua.exe -a "C:\Users\Willi\Music\Musik 2014\2014-02 - Promos\MapSource_6163.exe" -d "C:\Users\Willi\Music\Musik 2014\2014-02 - Promos" Task: {16FD64A7-B064-45FA-BF47-9B039C6D2FA1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {3C57BF74-420D-4607-8CDE-259993E30286} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.) Task: {A06F0EE9-F0EC-447D-A812-382848B32284} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated) Task: {B386F1ED-ED13-4076-B8FB-792294A0DF94} - System32\Tasks\AdobeAAMUpdater-1.0-Willi-PC-Willi => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated) Task: {C7B3918C-7C79-4BDE-8B5E-8D740ED16EE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2012-04-18 17:25 - 2010-06-17 20:56 - 00116224 _____ () C:\Windows\System32\redmonnt.dll 2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2009-11-02 13:20 - 2009-11-02 13:20 - 00619816 ____N () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll 2009-11-02 13:23 - 2009-11-02 13:23 - 00013096 ____N () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll 2011-11-17 08:52 - 2007-05-31 08:38 - 00167936 ____N () C:\Windows\system32\SerialXP.dll 2013-02-20 15:45 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files\StarMoney 8.0 S-Edition\ouservice\PATCHW32.dll 2010-04-28 16:49 - 2010-04-28 16:49 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2014-07-26 10:42 - 2015-03-02 23:44 - 05886272 _____ () C:\Users\Willi\AppData\Local\Amazon Music\Amazon Music Helper.exe ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Willi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== Accounts: ============================= Administrator (S-1-5-21-2237614562-1304385355-4267408445-500 - Administrator - Disabled) Gast (S-1-5-21-2237614562-1304385355-4267408445-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2237614562-1304385355-4267408445-1002 - Limited - Enabled) Willi (S-1-5-21-2237614562-1304385355-4267408445-1001 - Administrator - Enabled) => C:\Users\Willi ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/23/2015 01:36:58 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (03/23/2015 01:32:52 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (03/21/2015 06:17:02 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm iexplore.exe, Version 11.0.9600.17689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1618 Startzeit: 01d063b9ae65f79f Endzeit: 490 Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: Error: (03/21/2015 01:03:07 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (03/21/2015 00:58:47 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (03/18/2015 09:29:09 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (03/18/2015 09:27:20 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (03/18/2015 06:59:08 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (03/18/2015 06:54:59 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (03/16/2015 07:32:19 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". System errors: ============= Error: (03/24/2015 07:54:12 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 24.03.2015 um 19:51:55 unerwartet heruntergefahren. Error: (03/24/2015 07:52:45 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (03/24/2015 07:52:40 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800706be fehlgeschlagen: Definitionsupdate für Microsoft Security Essentials – KB2310138 (Definition 1.195.136.0) Error: (03/24/2015 07:52:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (03/24/2015 07:52:18 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.195.2.0 Aktualisierungsquelle: %NT-AUTORITÄT59 Aktualisierungsphase: 4.7.0205.00 Quellpfad: 4.7.0205.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608 Error: (03/24/2015 07:52:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "StarMoney 8.0 OnlineUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (03/24/2015 07:52:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (03/24/2015 07:52:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (03/24/2015 07:52:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (03/24/2015 07:52:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Dienst "Bonjour"" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Microsoft Office Sessions: ========================= Error: (01/07/2014 06:51:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 392 seconds with 0 seconds of active time. This session ended with a crash. Error: (11/23/2011 03:03:01 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Processor: AMD Athlon(tm) II X4 620 Processor Percentage of memory in use: 43% Total physical RAM: 3326.3 MB Available physical RAM: 1888.66 MB Total Pagefile: 6650.9 MB Available Pagefile: 4845.46 MB Total Virtual: 2047.88 MB Available Virtual: 1883.21 MB ==================== Drives ================================ Drive c: (Boot) (Fixed) (Total:910.41 GB) (Free:119.56 GB) NTFS Drive d: (Recover) (Fixed) (Total:20 GB) (Free:11.16 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 2BD2C32A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=910.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=1 GB) - (Type=12) ==================== End Of Log ============================ |
24.03.2015, 21:06 | #2 | |
/// TB-Ausbilder | rdsrv.com?Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags: So funktioniert es: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Zukünftig bitte beachten: Zitat:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind. Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen. Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.
|
24.03.2015, 21:22 | #3 |
| rdsrv.com? FRST Logfile:
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015 Ran by Willi (administrator) on WILLI-PC on 24-03-2015 21:18:04 Running from C:\Users\Willi\Desktop Loaded Profiles: Willi (Available profiles: Willi) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (REINER SCT) C:\Windows\System32\cjpcsc.exe (Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (AMD) C:\Windows\System32\atieclxx.exe (CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe () C:\Users\Willi\AppData\Local\Amazon Music\Amazon Music Helper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_16_0_0_305_ActiveX.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-06] (Advanced Micro Devices, Inc.) HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8555040 2010-04-06] (Realtek Semiconductor) HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.) HKLM\...\Run: [FreePDF Assistant] => C:\Program Files\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation) HKLM\...\Run: [TrayServer] => C:\Program Files\MAGIX\Video_deluxe_17\TrayServer.exe [90112 2008-08-07] (MAGIX AG) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM\...\Run: [] => [X] HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\Run: [{603380FE-28B7-4EFA-A9B9-A94C1D46A6EA}] => "C:\Users\Willi\AppData\Local\Temp\Temp1_MixedInKey_Version5_(794).zip\MixedInKey_Version5_(794).exe" /cmdloc "HKCU\Software\Mixed In Key LLC AiTemp\{603380FE-28B7-4EFA-A9B9-A94C1D46A6EA}" <===== ATTENTION HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\Run: [] => [X] HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\Run: [Amazon Music] => C:\Users\Willi\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886272 2015-03-02] () HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-07-02] (Google Inc.) HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.ebay.de/ HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001 -> DefaultScope {A37A9341-F37B-42D3-A57F-540A6B7575A8} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7NDKB_deDE543 SearchScopes: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001 -> {A37A9341-F37B-42D3-A57F-540A6B7575A8} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7NDKB_deDE543 BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.) BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.) BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-31] (Oracle Corporation) BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30] (Microsoft Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-31] (Oracle Corporation) BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.) Toolbar: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default FF NewTab: hxxp://www.bing.com/?pc=COSP&ptag=D030115-ABA01A7CCEB2146F8A7F&form=CONMHP&conlogo=CT3330961 FF DefaultSearchEngine: Google Default FF SelectedSearchEngine: Bing FF Homepage: google.com FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=386496&p= FF NetworkProxy: "socks_remote_dns", true FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2013-10-09] (GARMIN Corp.) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-31] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-31] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-04-29] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation) FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-08-03] ( ) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems) FF Plugin HKU\S-1-5-21-2237614562-1304385355-4267408445-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll [2012-10-29] (Amazon.com, Inc.) FF SearchPlugin: C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default\searchplugins\google-default.xml [2015-03-01] FF Extension: FoxyProxy Standard - C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default\Extensions\foxyproxy@eric.h.jung [2015-03-23] FF Extension: Garmin Communicator - C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-07-18] FF Extension: Address Bar Search - C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default\Extensions\{4D6A6C8E-1EB2-46e1-8CAA-40DAFDE3ED93} [2014-10-18] FF Extension: Bitdefender QuickScan - C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2015-03-23] FF Extension: anonymoX - C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default\Extensions\client@anonymox.net.xpi [2013-12-15] FF Extension: Soundcloud.com: Enable downloading for every track - C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default\Extensions\sound@cloud.com.xpi [2011-11-13] FF Extension: NoScript - C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-03-23] FF Extension: Soundcloud SUPER +2: Downloader and Recommender - C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default\Extensions\{988da70d-b78d-44a1-a9c7-ed11832a9e2e}.xpi [2011-11-13] FF Extension: Video DownloadHelper - C:\Users\Willi\AppData\Roaming\Mozilla\Firefox\Profiles\0i98vdjj.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-23] FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-11-15] FF HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] Chrome: ======= CHR Profile: C:\Users\Willi\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-29] CHR Extension: (YouTube) - C:\Users\Willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-03] CHR Extension: (Google Search) - C:\Users\Willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-03] CHR Extension: (Google Wallet) - C:\Users\Willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-07] CHR Extension: (Gmail) - C:\Users\Willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-03] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeActiveFileMonitor10.0; C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated) R2 cjpcsc; C:\Windows\system32\cjpcsc.exe [511920 2011-07-22] (REINER SCT) R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed] S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed] R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed] R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [660992 2009-05-21] (Hewlett-Packard Co.) [File not signed] S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed] R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed] R2 StarMoney 8.0 OnlineUpdate; C:\Program Files\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [11832 2009-07-07] (Advanced Micro Devices Inc.) R1 bizVSerial; C:\Windows\System32\drivers\bizVSerialNT.sys [14949 2007-05-31] (franson.biz) [File not signed] R3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [28144 2011-03-29] (REINER SCT) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-24 21:12 - 2015-03-24 21:12 - 00038172 _____ () C:\Users\Willi\Desktop\Addition.txt 2015-03-24 21:08 - 2015-03-24 21:18 - 00019729 _____ () C:\Users\Willi\Desktop\FRST.txt 2015-03-24 20:33 - 2015-03-24 21:18 - 00000000 ____D () C:\FRST 2015-03-24 20:15 - 2015-03-24 20:33 - 01135104 _____ (Farbar) C:\Users\Willi\Desktop\FRST.exe 2015-03-24 19:43 - 2015-03-24 19:44 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-03-24 19:22 - 2015-03-11 04:30 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-03-24 19:22 - 2015-03-11 04:29 - 00818176 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-03-24 19:22 - 2015-03-11 04:29 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-03-24 19:22 - 2015-03-11 04:29 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-03-24 19:22 - 2015-03-11 04:29 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-03-24 19:22 - 2015-03-11 04:29 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-03-24 19:22 - 2015-03-11 04:26 - 00892928 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-03-24 19:21 - 2015-03-11 04:30 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-03-24 18:43 - 2015-03-24 20:00 - 00000000 ____D () C:\AdwCleaner 2015-03-23 19:24 - 2015-03-24 18:40 - 00000000 ____D () C:\Users\Willi\AppData\Roaming\Enigma Software Group 2015-03-23 19:15 - 2015-03-23 19:15 - 00000000 ____D () C:\Program Files\Enigma Software Group 2015-03-23 19:06 - 2015-03-24 19:01 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2015-03-23 18:47 - 2015-03-23 18:47 - 00000000 ____D () C:\Users\Willi\AppData\Roaming\QuickScan 2015-03-11 16:52 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-03-11 16:52 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-03-11 16:52 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-03-11 16:52 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-03-11 16:52 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-03-11 16:52 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-03-11 16:52 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-03-11 16:52 - 2015-02-20 03:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-03-11 16:52 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-03-11 16:52 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-03-11 16:52 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-03-11 16:52 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-03-11 16:52 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-03-11 16:52 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-03-11 16:52 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-03-11 16:52 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-03-11 16:52 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-03-11 16:52 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-03-11 16:52 - 2015-02-20 02:56 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-03-11 16:52 - 2015-02-20 02:50 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-03-11 16:52 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-03-11 16:52 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-03-11 16:52 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-03-11 16:52 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-03-11 16:52 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-03-11 16:52 - 2015-02-20 02:24 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-03-11 16:52 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-03-11 16:52 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-03-11 16:52 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-03-11 16:52 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-03-11 16:37 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-03-11 16:32 - 2015-02-26 04:11 - 02381312 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-03-11 16:32 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-03-11 16:32 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-03-11 16:21 - 2015-03-06 06:15 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-03-11 16:21 - 2015-03-06 06:15 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-03-11 16:21 - 2015-03-06 06:10 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-03-11 16:21 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-03-11 16:21 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-03-11 16:21 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-03-11 16:21 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-03-11 16:21 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-03-11 16:21 - 2015-03-06 06:10 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-03-11 16:21 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-03-11 16:21 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-03-11 16:21 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-03-11 16:21 - 2015-03-06 06:10 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-03-11 16:21 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-03-11 16:21 - 2015-03-06 06:09 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-03-11 16:21 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-03-11 16:21 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-03-11 16:21 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-03-11 16:21 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2015-03-11 16:20 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-03-11 16:20 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-03-11 16:20 - 2015-02-20 05:13 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-03-11 16:20 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-03-11 16:20 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-03-11 16:19 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-03-11 16:15 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-03-11 16:15 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-03-11 16:15 - 2015-02-03 04:16 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-03-11 16:15 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-03-11 16:15 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-03-11 16:15 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-03-11 16:15 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-03-11 16:15 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-03-11 16:15 - 2015-02-03 04:11 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-03-11 16:15 - 2015-02-03 04:11 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2015-03-11 16:15 - 2015-02-03 04:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2015-03-11 16:15 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2015-03-11 16:15 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2015-03-11 16:15 - 2015-02-03 04:11 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2015-03-11 16:15 - 2015-02-03 04:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2015-03-11 16:15 - 2015-02-03 04:11 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2015-03-11 16:15 - 2015-02-03 04:10 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2015-03-11 16:15 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-03-11 16:15 - 2015-02-03 04:00 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2015-03-11 16:15 - 2015-02-03 03:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2015-03-11 16:15 - 2015-01-31 00:56 - 00370488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-03-11 16:15 - 2014-10-31 23:22 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-03-11 16:14 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2015-03-04 21:12 - 2015-03-04 21:12 - 141633571 _____ () C:\Users\Willi\Documents\Leonie Pferde Montagsgruppe.psd 2015-03-03 21:27 - 2015-01-09 03:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll 2015-03-03 21:27 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll 2015-03-03 21:27 - 2015-01-09 03:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll 2015-03-01 14:16 - 2015-02-23 13:03 - 00325944 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll 2015-03-01 14:05 - 2015-03-01 14:05 - 00002280 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2015-03-01 14:05 - 2015-03-01 14:05 - 00001207 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2015-03-01 14:03 - 2015-03-01 14:03 - 00000000 ____D () C:\Program Files\Free Codec Pack 2015-02-28 09:57 - 2015-02-28 09:57 - 00002304 _____ () C:\Users\Willi\Desktop\Mixed In Key 7.lnk 2015-02-28 09:57 - 2015-02-28 09:57 - 00002276 _____ () C:\Users\Willi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mixed In Key 7.lnk 2015-02-26 15:17 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\system32\locale.nls ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-24 21:17 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2015-03-24 21:10 - 2011-11-13 10:14 - 01706674 _____ () C:\Windows\WindowsUpdate.log 2015-03-24 21:10 - 2009-07-14 05:34 - 00018928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-24 21:10 - 2009-07-14 05:34 - 00018928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-24 21:03 - 2013-07-02 17:44 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-24 21:03 - 2013-07-02 17:44 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-03-24 21:02 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-24 21:02 - 2009-07-14 05:39 - 00186744 _____ () C:\Windows\setupact.log 2015-03-24 21:01 - 2012-05-05 18:39 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-03-24 21:00 - 2014-12-11 09:41 - 00000000 ____D () C:\Windows\system32\appraiser 2015-03-24 21:00 - 2014-05-06 21:34 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-03-24 20:22 - 2015-02-01 13:01 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-24 19:54 - 2010-01-26 17:04 - 00127750 _____ () C:\Windows\PFRO.log 2015-03-24 19:52 - 2012-02-20 19:34 - 00000000 ____D () C:\Users\Willi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ 2015-03-24 19:52 - 2011-11-20 14:37 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft 2015-03-24 19:30 - 2011-11-13 17:12 - 00000000 ____D () C:\Users\Willi\AppData\Local\Adobe 2015-03-24 19:06 - 2013-06-29 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware 2015-03-24 19:06 - 2011-11-13 10:15 - 00000000 ____D () C:\Users\Willi 2015-03-24 19:06 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp 2015-03-24 19:02 - 2013-07-03 17:43 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2015-03-24 19:02 - 2013-06-29 14:11 - 00000000 ____D () C:\Users\Willi\AppData\Roaming\Malwarebytes 2015-03-24 19:02 - 2013-06-29 14:11 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-03-24 19:02 - 2013-06-29 14:11 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware 2015-03-24 19:02 - 2011-11-20 14:38 - 00000000 ____D () C:\Users\Willi\AppData\Roaming\DVDVideoSoft 2015-03-24 19:02 - 2011-11-20 14:37 - 00000000 ____D () C:\Users\Willi\Documents\DVDVideoSoft 2015-03-24 19:02 - 2011-11-20 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-03-24 19:01 - 2011-11-20 14:37 - 00000000 ____D () C:\Program Files\DVDVideoSoft 2015-03-24 18:58 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration 2015-03-23 13:43 - 2010-01-26 15:21 - 01593956 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-21 11:05 - 2013-07-02 17:46 - 00002125 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-03-16 19:38 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache 2015-03-14 10:23 - 2011-11-26 13:36 - 00000000 ____D () C:\Users\Willi\Documents\Flo 2015-03-14 10:07 - 2015-01-01 12:20 - 00000000 ____D () C:\Users\Willi\Documents\DJ EÜR 2015 2015-03-13 17:52 - 2009-07-14 05:33 - 00486560 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-03-13 17:49 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE 2015-03-11 23:19 - 2013-07-16 22:36 - 00000000 ____D () C:\Windows\system32\MRT 2015-03-11 23:19 - 2010-01-28 14:03 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-03-11 18:48 - 2010-01-26 15:42 - 119837704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-03-07 11:00 - 2014-07-26 10:42 - 00001132 _____ () C:\Users\Willi\Desktop\Amazon Music.lnk 2015-03-04 14:32 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing 2015-03-03 20:00 - 2011-11-27 14:11 - 00000000 ____D () C:\ProgramData\tmp 2015-03-03 14:16 - 2010-01-26 15:37 - 00246920 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-03-01 19:10 - 2011-12-06 19:27 - 00000000 ____D () C:\Users\Willi\AppData\Local\Google 2015-02-28 09:57 - 2015-01-24 11:45 - 00000000 ____D () C:\Users\Willi\AppData\Local\Package Cache 2015-02-28 09:56 - 2015-01-24 11:45 - 00000000 ____D () C:\ProgramData\Package Cache ==================== Files in the root of some directories ======= 2009-05-26 08:26 - 2009-05-26 08:26 - 0097336 _____ (Un4seen Developments) C:\Program Files\bass.dll 2009-05-26 08:26 - 2009-05-26 08:26 - 0013872 _____ (Un4seen Developments) C:\Program Files\basscd.dll 2009-05-26 08:26 - 2009-05-26 08:26 - 0102912 _____ (Albert L Faber) C:\Program Files\CDRip.dll 2009-05-26 08:26 - 2009-05-26 08:26 - 0155136 _____ () C:\Program Files\lame_enc.dll 2009-05-26 08:26 - 2009-05-26 08:26 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Program Files\No23 Recorder.exe 2009-05-26 08:26 - 2009-05-26 08:26 - 0029184 _____ () C:\Program Files\no23xwrapper.dll 2009-05-26 08:26 - 2009-05-26 08:26 - 0015872 _____ () C:\Program Files\ogg.dll 2009-04-09 16:08 - 2009-04-09 16:08 - 0001476 _____ () C:\Program Files\RecConfig.xml 2009-05-26 08:26 - 2009-05-26 08:26 - 0143872 _____ () C:\Program Files\vorbis.dll 2009-05-26 08:26 - 2009-05-26 08:26 - 0064000 _____ () C:\Program Files\vorbisenc.dll 2009-05-26 08:26 - 2009-05-26 08:26 - 0019456 _____ () C:\Program Files\vorbisfile.dll 2014-10-24 13:07 - 2015-01-04 18:48 - 0000078 _____ () C:\Users\Willi\AppData\Roaming\mbam.context.scan 2012-11-14 09:01 - 2012-11-14 09:01 - 0000019 _____ () C:\Users\Willi\AppData\Roaming\mdbu.bin 2011-12-06 21:05 - 2011-12-06 21:05 - 0003584 _____ () C:\Users\Willi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-04-11 17:14 - 2014-04-11 17:14 - 0001468 _____ () C:\Users\Willi\AppData\Local\RecConfig.xml 2011-11-15 19:46 - 2011-11-15 20:29 - 0000773 _____ () C:\ProgramData\hpzinstall.log 2013-02-27 17:12 - 2014-10-13 18:51 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys 2011-11-15 20:50 - 2015-01-24 12:15 - 0000302 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2012-06-02 14:46 - 2012-06-02 14:46 - 0001534 _____ () C:\ProgramData\ss.ini Some content of TEMP: ==================== C:\Users\Willi\AppData\Local\Temp\AskPIP_FF_.exe C:\Users\Willi\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprpwv3p.dll C:\Users\Willi\AppData\Local\Temp\FileSystemView.dll C:\Users\Willi\AppData\Local\Temp\FlashPlayerUpdate.exe C:\Users\Willi\AppData\Local\Temp\FreeAudioConverter.exe C:\Users\Willi\AppData\Local\Temp\FreeYouTubeToMP3Converter.exe C:\Users\Willi\AppData\Local\Temp\IminentSetup.exe C:\Users\Willi\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe C:\Users\Willi\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\Willi\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\Willi\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe C:\Users\Willi\AppData\Local\Temp\jre-8u31-windows-au.exe C:\Users\Willi\AppData\Local\Temp\NOSEventMessages.dll C:\Users\Willi\AppData\Local\Temp\Quarantine.exe C:\Users\Willi\AppData\Local\Temp\readSTILog.dll C:\Users\Willi\AppData\Local\Temp\SpOrder.dll C:\Users\Willi\AppData\Local\Temp\sqlite3.dll C:\Users\Willi\AppData\Local\Temp\tmpFFB2.exe C:\Users\Willi\AppData\Local\Temp\uninst1.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-16 19:06 ==================== End Of Log ============================ --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015 Ran by Willi at 2015-03-24 21:18:28 Running from C:\Users\Willi\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden 4500_G510gm_Help (Version: 000.0.439.000 - Hewlett-Packard) Hidden 4500G510gm (Version: 000.0.423.000 - Hewlett-Packard) Hidden 4500G510gm_Software_Min (Version: 000.0.423.000 - Hewlett-Packard) Hidden Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated) Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.) Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Photoshop Elements 10 (HKLM\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.) ALDI Foto Service (HKLM\...\ALDI Foto Service D) (Version: 4.5.9.141 - MAGIX AG) ALDI Nord Foto Manager Free (HKLM\...\ALDI Nord Foto Manager Free D) (Version: 6.0.1.491 - MAGIX AG) Aldi Nord Fotoservice (HKLM\...\Aldi Nord Fotoservice_is1) (Version: - ) ALDI Nord Online Druck Service (HKLM\...\ALDI Nord Online Druck Service D) (Version: 4.5.1.0 - MAGIX AG) Amazon MP3-Downloader 1.0.17 (HKLM\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC) Amazon Music (HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\Amazon Amazon Music) (Version: 3.8.1.754 - Amazon Services LLC) Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ATI Catalyst Install Manager (HKLM\...\{ADF60A14-CFC4-7174-D088-E1CFE6663EF3}) (Version: 3.0.769.0 - ATI Technologies, Inc.) Barbie Pferdeabenteuer - Im Reitercamp (HKLM\...\{40C4952C-D505-477A-AA90-224C2A011FC2}) (Version: 1.00.0000 - Activision) Beatport Downloader (HKLM\...\com.beatport.BeatportDownloader) (Version: 1.4 - Beatport LLC) Beatport Downloader (Version: 1.4 - Beatport LLC) Hidden Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden ccc-core-static (Version: 2010.0406.2133.36843 - Ihr Firmenname) Hidden Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CorelDRAW Essentials 4 - Content (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Draw (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Extra Content (HKLM\...\_{806422F8-8E0A-494A-A369-0F34F1B89160}) (Version: - Corel Corporation) CorelDRAW Essentials 4 - Extra Content (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Filters (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - ICA (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang BR (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang DE (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang EN (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang ES (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang FR (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang IT (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang NL (Version: 4.0 - Uw bedrijfsnaam) Hidden CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 (HKLM\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version: - Corel Corporation) CorelDRAW Essentials 4 (Version: 4.0 - Corel Corporation) Hidden cyberJack Base Components (HKLM\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.9.13 - REINER SCT) CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.) CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.) CyberLink PowerDVD Copy (HKLM\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.) Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden DJ Intro version 1.0.5 (HKLM\...\{36625871-9D4B-4046-A837-677974F51CAC}_is1) (Version: 1.0.5 - Serato Audio Research) DocMgr (Version: 130.0.000.000 - Ihr Firmenname) Hidden DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden Dropbox (HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.) Elements 10 Organizer (Version: 10.0 - Ihr Firmenname) Hidden Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden Firebird SQL Server - MAGIX Edition (HKLM\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG) FormatFactory 3.1.1 (HKLM\...\FormatFactory) (Version: 3.1.1 - Free Time) Free Audio CD to MP3 Converter version 1.3.12.908 (HKLM\...\Free Audio CD to MP3 Converter_is1) (Version: - DVDVideoSoft Ltd.) Free Audio Converter version 5.0.52.1122 (HKLM\...\Free Audio Converter_is1) (Version: 5.0.52.1122 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.55.219 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.55.219 - DVDVideoSoft Ltd.) FreePDF (Remove only) (HKLM\...\FreePDF_XP) (Version: - ) FreeRIP Toolbar v11.1 (HKLM\...\{BFC4E13B-2E9D-4D10-AF85-09993198ABCF}) (Version: 11.1 - Spigot, Inc.) <==== ATTENTION FreeRIP3 3.70 (HKLM\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 3.70 - GreenTree Applications SRL) Garmin Communicator Plugin (HKLM\...\{032A13FF-D26D-4844-9597-7EF698627985}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries) Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.) Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.) GSAK 8.3.0.1 (HKLM\...\GSAK_is1) (Version: - CWE computer services) HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP) HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden iCloud (HKLM\...\{20C6FF70-690B-4DF7-8F5D-269DD3A7FD23}) (Version: 3.0.2.163 - Apple Inc.) iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.) Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden Konz 2012 (HKLM\...\InstallShield_{1D33BCF7-B5B6-4148-B888-9CC2EC208556}) (Version: 1.00.0000 - USM) Konz 2012 (Version: 1.00.0000 - USM) Hidden LEGO Universe (HKLM\...\NetDevil_LEGO_Universe_is1) (Version: - LEGO Software) MAGIX Screenshare (HKLM\...\MAGIX_{4923877D-6A59-485B-9E63-E35664B4F067}) (Version: 4.3.6.1987 - MAGIX AG) MAGIX Screenshare (Version: 4.3.6.1987 - MAGIX AG) Hidden MAGIX Speed burnR (MSI) (HKLM\...\MAGIX_{14E1CEC0-E43B-4158-85F4-73BCB3878B7F}) (Version: 7.0.2.6 - MAGIX AG) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden MAGIX Video deluxe 17 (HKLM\...\MAGIX_{F287AD31-C7A7-48BF-9381-6B8A686AAAD4}) (Version: 10.0.11.0 - MAGIX AG) MAGIX Video deluxe 17 (Version: 10.0.11.0 - MAGIX AG) Hidden Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation) MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden Mashup (HKLM\...\{7743B1B7-C241-4929-AFB3-2336714EA4E1}) (Version: 1.5.931.0 - Mixed In Key LLC) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) MEDION Fotos auf CD & DVD SE Nord (HKLM\...\MEDION Fotos auf CD & DVD SE Nord D) (Version: 8.0.3.4 - MAGIX AG) Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.) Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden Mein CEWE FOTOBUCH (HKLM\...\Mein CEWE FOTOBUCH) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM\...\{91110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation) Mixed in Key (Version: 1.0.199.0 - Mixed In Key LLC) Hidden Mixed In Key 5.0 (HKLM\...\{603380FE-28B7-4EFA-A9B9-A94C1D46A6EA}) (Version: 5.0.794.0 - Mixed In Key LLC) Mixed In Key 7 (HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\...\{1d5af37f-a69b-476e-a680-26f95d638039}) (Version: 7.0.199.0 - Mixed In Key LLC) MixMeister BPM Analyzer 1.0 (HKLM\...\MixMeister BPM Analyzer_is1) (Version: - MixMeister Technology LLC) Mozilla Firefox 36.0.4 (x86 de) (HKLM\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mp3tag v2.49b (HKLM\...\Mp3tag) (Version: v2.49b - Florian Heidenreich) MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Network (Version: 130.0.374.000 - Hewlett-Packard) Hidden Nokia Connectivity Cable Driver (HKLM\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia) Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.5.34.0 - Nokia) Nokia Suite (Version: 3.5.34.0 - Nokia) Hidden OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden PC Connectivity Solution (HKLM\...\{7390478C-8581-415E-92E9-2997D9306B81}) (Version: 12.0.32.0 - Nokia) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) Pioneer DDJ Driver (HKLM\...\Pioneer DDJ ASIO) (Version: 1.100.000.002 - Pioneer Corporation.) PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) PSE10 STI Installer (Version: 10.0 - Adobe Systems Incorporated) Hidden QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.) RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - ) Rossmann Fotowelt Software 4.13 (HKLM\...\Rossmann Fotowelt Software) (Version: 4.13 - ORWO Net) Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) SmartWebPrinting (Version: 130.0.373.000 - Hewlett-Packard) Hidden SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated) StarMoney (Version: 2.0 - StarFinanz) Hidden StarMoney (Version: 3.0.0.124 - StarFinanz) Hidden StarMoney 8.0 S-Edition (HKLM\...\{FC1C4D90-6FE7-467E-825D-CE38373DE7A7}) (Version: 8.0 - Star Finanz GmbH) Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden Steuer 2011 (HKLM\...\{4785CED6-73B3-45FA-AFE6-EDEDFDE67842}) (Version: 19.00.7304 - Buhl Data Service GmbH) Steuer 2012 (HKLM\...\{01159E8A-44F7-4885-A7F9-872CE4D74063}) (Version: 20.00.8137 - Buhl Data Service GmbH) Steuer 2013 (HKLM\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH) Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VirtualDJ LE (DDJ-ERGO) (HKLM\...\{9D920697-9BEC-4660-9335-292EC6CE8008}) (Version: 7.0.5 - Atomix Productions) WAV To MP3 V2 (HKLM\...\WAV To MP3_is1) (Version: - hxxp://www.WAVMP3.net) WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin) Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live ID-Anmelde-Assistent (HKLM\...\{10A44844-4465-456E-8C97-80BDD4F68845}) (Version: 6.500.3146.0 - Microsoft Corporation) Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia) WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Willi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.) CustomCLSID: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willi\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willi\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willi\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willi\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willi\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willi\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willi\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2237614562-1304385355-4267408445-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Willi\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 16-03-2015 18:13:00 Windows Update 21-03-2015 10:38:59 Windows Update 23-03-2015 13:38:20 Windows Update 23-03-2015 18:44:07 Removed FreeRIP Toolbar v11.1. 24-03-2015 18:44:54 Wiederherstellungsvorgang 24-03-2015 19:10:58 Windows Update 24-03-2015 20:05:32 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {00EA8572-8A8C-4F4C-9BFC-EF9324122296} - System32\Tasks\{DD147A51-D068-4BE8-A7B7-43677511BF68} => pcalua.exe -a "C:\Users\Willi\Music\Musik 2014\2014-02 - Promos\MapSource_6163.exe" -d "C:\Users\Willi\Music\Musik 2014\2014-02 - Promos" Task: {16FD64A7-B064-45FA-BF47-9B039C6D2FA1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {3C57BF74-420D-4607-8CDE-259993E30286} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.) Task: {A06F0EE9-F0EC-447D-A812-382848B32284} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated) Task: {B386F1ED-ED13-4076-B8FB-792294A0DF94} - System32\Tasks\AdobeAAMUpdater-1.0-Willi-PC-Willi => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated) Task: {C7B3918C-7C79-4BDE-8B5E-8D740ED16EE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2012-04-18 17:25 - 2010-06-17 20:56 - 00116224 _____ () C:\Windows\System32\redmonnt.dll 2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2011-11-17 08:52 - 2007-05-31 08:38 - 00167936 ____N () C:\Windows\system32\SerialXP.dll 2013-02-20 15:45 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files\StarMoney 8.0 S-Edition\ouservice\PATCHW32.dll 2009-11-02 13:20 - 2009-11-02 13:20 - 00619816 ____N () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll 2009-11-02 13:23 - 2009-11-02 13:23 - 00013096 ____N () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll 2014-07-26 10:42 - 2015-03-02 23:44 - 05886272 _____ () C:\Users\Willi\AppData\Local\Amazon Music\Amazon Music Helper.exe 2010-04-28 16:49 - 2010-04-28 16:49 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2237614562-1304385355-4267408445-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Willi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== Accounts: ============================= Administrator (S-1-5-21-2237614562-1304385355-4267408445-500 - Administrator - Disabled) Gast (S-1-5-21-2237614562-1304385355-4267408445-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2237614562-1304385355-4267408445-1002 - Limited - Enabled) Willi (S-1-5-21-2237614562-1304385355-4267408445-1001 - Administrator - Enabled) => C:\Users\Willi ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/23/2015 01:36:58 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (03/23/2015 01:32:52 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (03/21/2015 06:17:02 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm iexplore.exe, Version 11.0.9600.17689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1618 Startzeit: 01d063b9ae65f79f Endzeit: 490 Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: Error: (03/21/2015 01:03:07 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (03/21/2015 00:58:47 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (03/18/2015 09:29:09 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (03/18/2015 09:27:20 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (03/18/2015 06:59:08 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (03/18/2015 06:54:59 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (03/16/2015 07:32:19 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". System errors: ============= Error: (03/24/2015 09:13:04 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "FailureCommand" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error: (03/24/2015 09:12:18 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error: (03/24/2015 07:54:12 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 24.03.2015 um 19:51:55 unerwartet heruntergefahren. Error: (03/24/2015 07:52:45 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (03/24/2015 07:52:40 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800706be fehlgeschlagen: Definitionsupdate für Microsoft Security Essentials – KB2310138 (Definition 1.195.136.0) Error: (03/24/2015 07:52:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (03/24/2015 07:52:18 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.195.2.0 Aktualisierungsquelle: %NT-AUTORITÄT59 Aktualisierungsphase: 4.7.0205.00 Quellpfad: 4.7.0205.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608 Error: (03/24/2015 07:52:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "StarMoney 8.0 OnlineUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (03/24/2015 07:52:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (03/24/2015 07:52:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Microsoft Office Sessions: ========================= Error: (01/07/2014 06:51:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 392 seconds with 0 seconds of active time. This session ended with a crash. Error: (11/23/2011 03:03:01 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Processor: AMD Athlon(tm) II X4 620 Processor Percentage of memory in use: 36% Total physical RAM: 3326.3 MB Available physical RAM: 2117.89 MB Total Pagefile: 6650.9 MB Available Pagefile: 5031.3 MB Total Virtual: 2047.88 MB Available Virtual: 1919.68 MB ==================== Drives ================================ Drive c: (Boot) (Fixed) (Total:910.41 GB) (Free:120.75 GB) NTFS Drive d: (Recover) (Fixed) (Total:20 GB) (Free:11.16 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 2BD2C32A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=910.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=1 GB) - (Type=12) ==================== End Of Log ============================ |
25.03.2015, 17:00 | #4 |
/// TB-Ausbilder | rdsrv.com? Servus, bitte beschreibe mir ein bisschen genauer, was dein Problem mit "rdsrv.com" ist. |
30.03.2015, 12:05 | #5 |
/// TB-Ausbilder | rdsrv.com? Fehlende Rückmeldung Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten. PM an mich falls Du denoch weiter machen willst. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und einen eigenen Thread erstellen! |
Themen zu rdsrv.com? |
administrator, adobe, adobe flash player, bonjour, browser, desktop, explorer, flash player, google, home, homepage, microsoft, mozilla, musik, newtab, officejet, realtek, registry, scan, security, services.exe, software, starmoney, super, svchost.exe, system, temp, web companion, windows, winlogon.exe |