dann poste mal frische FRST logs

danke für die erneute Hilfe

wie gewünscht die FRST-Logs:


FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-04-2015
Ran by Du$a (administrator) on DUA-PC on 13-04-2015 12:15:38
Running from C:\Users\Du$a\Desktop
Loaded Profiles: Du$a (Available profiles: Du$a & Allplanuser & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Dell Computer Corporation) C:\DELL\DBRM\Reminder\DbrmTrayicon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
(Huawei Technologies Co., Ltd.) C:\Users\Du$a\AppData\Roaming\blueconnect\ouc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Huawei Technologies Co., Ltd.) C:\Program Files (x86)\blueconnect\DataCardMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(NVIDIA Corporation) C:\Users\Du$a\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\Du$a\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Du$a\AppData\Local\Akamai\netsession_win.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6629480 2011-04-15] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-13] (Alps Electric Co., Ltd.)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [727664 2010-10-01] ()
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-07-28] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [DBRMTray] => C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe [227328 2011-03-08] (Dell Computer Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [DataCardMonitor] => C:\Program Files (x86)\blueconnect\DataCardMonitor.exe [259424 2014-04-18] (Huawei Technologies Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-404412235-590163678-2978260805-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Du$a\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-404412235-590163678-2978260805-1002\...\Run: [HW_OPENEYE_OUC_blueconnect] => C:\Program Files (x86)\blueconnect\UpdateDog\ouc.exe [116064 2011-03-26] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-404412235-590163678-2978260805-1002\...\Policies\Explorer: [] 
HKU\S-1-5-21-404412235-590163678-2978260805-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1193352 2014-05-01] (Autodesk, Inc.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation)
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164568 2015-03-13] (NVIDIA Corporation)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-404412235-590163678-2978260805-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-404412235-590163678-2978260805-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-404412235-590163678-2978260805-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
SearchScopes: HKLM -> {62201D5A-BF32-4401-B628-8C1352CBF096} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {62201D5A-BF32-4401-B628-8C1352CBF096} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-404412235-590163678-2978260805-1002 -> {62201D5A-BF32-4401-B628-8C1352CBF096} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-30] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-30] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Du$a\AppData\Roaming\Mozilla\Firefox\Profiles\8yqrdyev.default
FF Homepage: hxxp://www.google.at/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-26] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_31\bin\new_plugin\npjp2.dll No File
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-17] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-26] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2011-11-12]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\addon
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664 2011-05-19] (Intel Corporation) [File not signed]
R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1335360 2011-05-19] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392 2011-05-19] (Intel Corporation) [File not signed]
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-28] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-03-04] (Dell Inc.)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 svcGenericHost; "c:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-02-26] (Dell Computer Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-09-22] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-09-22] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-09-22] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2014-09-22] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2014-09-22] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [63160 2014-09-22] (ESET)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299664 2015-03-13] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-02-05] (NVIDIA Corporation)
S3 zte_cdc_acm; C:\Windows\System32\DRIVERS\zte_cdc_acm.sys [79872 2011-08-10] (ZTE) [File not signed]
S3 zte_cpo; C:\Windows\System32\DRIVERS\zte_cpo.sys [14336 2011-08-10] (ZTE) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-13 12:15 - 2015-04-13 12:16 - 00019591 _____ () C:\Users\Du$a\Desktop\FRST.txt
2015-04-13 12:15 - 2015-04-13 12:15 - 00000000 ____D () C:\FRST
2015-04-13 12:14 - 2015-04-13 12:14 - 02096640 _____ (Farbar) C:\Users\Du$a\Desktop\FRST64.exe
2015-04-12 14:16 - 2015-04-12 14:16 - 00004939 _____ () C:\Users\Du$a\Downloads\marvolisp.zip
2015-04-12 14:04 - 2015-04-12 15:44 - 00003484 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-04-12 14:04 - 2015-04-12 14:04 - 00004022 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-04-12 14:04 - 2015-04-12 14:04 - 00003212 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-04-12 14:04 - 2015-04-12 14:04 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2015-04-12 14:04 - 2015-04-12 14:04 - 00000000 ____D () C:\Program Files\Dell Support Center
2015-04-12 14:01 - 2015-04-12 14:01 - 00003582 _____ () C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2015-04-12 14:01 - 2015-04-12 14:01 - 00000000 __HDC () C:\ProgramData\{6AACA38B-2810-4B47-BDEC-D7A1F38B1531}
2015-04-12 12:46 - 2015-04-12 12:46 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-04-11 09:54 - 2015-04-11 09:54 - 00000000 ____D () C:\Windows\SysWOW64\NV
2015-04-11 09:54 - 2015-04-11 09:54 - 00000000 ____D () C:\Windows\system32\NV
2015-04-11 09:54 - 2015-03-13 17:38 - 00622224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-04-11 09:52 - 2015-03-13 21:41 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-11 09:52 - 2015-03-13 21:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 00997856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 00299664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys
2015-04-11 09:52 - 2015-03-13 21:41 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-11 09:52 - 2015-03-13 21:41 - 00032456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2015-04-04 19:23 - 2015-04-04 19:23 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-04 19:23 - 2015-04-04 19:23 - 00000000 ___SD () C:\Windows\system32\GWX
2015-03-30 20:25 - 2015-03-30 20:26 - 00001799 _____ () C:\DelFix.txt
2015-03-30 20:25 - 2015-03-30 20:25 - 00000000 ____D () C:\Windows\ERUNT
2015-03-30 20:13 - 2015-03-30 20:13 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-03-30 19:53 - 2015-03-30 19:53 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-03-30 19:53 - 2015-03-30 19:53 - 00001981 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-03-29 22:57 - 2015-03-29 22:57 - 00000000 ____D () C:\Users\Du$a\Tracing
2015-03-29 13:31 - 2015-04-12 15:44 - 00000000 ____D () C:\ProgramData\PCDr
2015-03-28 14:04 - 2015-03-28 14:04 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-28 14:04 - 2015-03-28 14:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-03-28 14:04 - 2015-03-28 14:04 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-03-28 14:04 - 2015-03-17 07:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-28 14:04 - 2015-03-17 07:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-28 00:14 - 2015-03-30 20:21 - 00000000 ____D () C:\Windows\erdnt
2015-03-27 13:07 - 2015-04-12 16:39 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-27 13:07 - 2015-03-27 13:22 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-27 13:03 - 2015-03-17 07:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-25 17:11 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 17:11 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 17:11 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 17:11 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 17:11 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 17:11 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-25 17:11 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-25 17:11 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-13 12:13 - 2015-03-08 20:33 - 01090264 _____ () C:\Windows\WindowsUpdate.log
2015-04-13 12:11 - 2015-03-08 20:39 - 00020883 _____ () C:\Windows\setupact.log
2015-04-13 12:08 - 2011-12-12 21:29 - 00000000 ____D () C:\Users\Du$a
2015-04-13 12:08 - 2011-11-12 06:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-13 12:08 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-12 23:14 - 2010-11-21 08:50 - 00973690 _____ () C:\Windows\system32\perfh007.dat
2015-04-12 23:14 - 2010-11-21 08:50 - 00240216 _____ () C:\Windows\system32\perfc007.dat
2015-04-12 23:14 - 2009-07-14 07:13 - 02333000 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-12 23:08 - 2013-07-17 17:12 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-12 20:32 - 2015-02-11 15:27 - 00000000 ____D () C:\Program Files (x86)\Heroes of the Storm
2015-04-12 19:40 - 2014-03-18 19:37 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2015-04-12 18:57 - 2013-11-26 18:59 - 00000634 _____ () C:\Windows\Tasks\WebContent AutoUpdate 2013.job
2015-04-12 16:38 - 2009-07-14 06:45 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-12 16:38 - 2009-07-14 06:45 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-12 14:04 - 2011-11-12 13:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-04-11 09:54 - 2015-02-11 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-11 09:53 - 2011-11-12 06:04 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-11 09:43 - 2015-02-11 15:15 - 00001339 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-04-11 09:36 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-04-07 18:54 - 2014-02-12 23:43 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-04-01 20:39 - 2014-02-12 23:47 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-03-30 20:09 - 2015-03-08 21:19 - 00009016 _____ () C:\Windows\PFRO.log
2015-03-30 20:09 - 2013-06-02 12:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-30 20:05 - 2013-10-28 23:42 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-30 20:04 - 2014-06-09 12:43 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-30 20:04 - 2012-03-04 17:22 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-30 19:53 - 2011-11-12 13:39 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-30 19:53 - 2011-11-12 13:39 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-30 19:46 - 2014-09-21 20:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-28 23:59 - 2013-03-30 19:44 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-28 23:59 - 2011-11-12 13:42 - 00000000 ____D () C:\ProgramData\Skype
2015-03-28 05:44 - 2015-02-11 15:14 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 05:44 - 2015-02-11 15:14 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-28 05:43 - 2015-02-11 15:14 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-28 05:43 - 2015-02-11 15:14 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-03-28 00:23 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-03-27 13:07 - 2015-02-24 16:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-26 20:08 - 2013-07-17 17:12 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-26 15:38 - 2012-04-01 23:45 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-26 15:38 - 2011-11-12 13:12 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-26 15:35 - 2011-11-12 13:53 - 00000000 ____D () C:\ProgramData\Sonic
2015-03-26 10:53 - 2014-12-17 16:02 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-26 10:53 - 2014-05-07 00:45 - 00000000 ___SD () C:\Windows\system32\CompatTel

==================== Files in the root of some directories =======

2013-05-17 20:47 - 2013-05-17 20:45 - 304595822 _____ () C:\Program Files\PRJ1304_win32_de.zip
2013-05-16 16:27 - 2013-05-16 16:23 - 370115136 _____ () C:\Program Files\PRJ1304_win64_de.zip
2013-05-18 17:34 - 2015-01-31 00:20 - 0000058 _____ () C:\Users\Du$a\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2013-04-14 16:04 - 2013-04-14 16:04 - 0000337 _____ () C:\Users\Du$a\AppData\Local\Perfmon.PerfmonCfg
2011-12-25 21:17 - 2011-12-25 21:17 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2013-11-24 20:30 - 2013-11-24 20:30 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-20 10:17

==================== End Of Log ============================
         

--- --- ---

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-04-2015
Ran by Du$a at 2015-04-13 12:16:26
Running from C:\Users\Du$a\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Abisplan (HKU\S-1-5-21-404412235-590163678-2978260805-1002\...\{4096AE22-0F4E-477C-80B3-8864B7F8B1DA}) (Version: 27.00.000 - Abis Softwareentwicklungs GesmbH.)
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.17 - STMicroelectronics)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Akamai NetSession Interface (HKU\S-1-5-21-404412235-590163678-2978260805-1002\...\Akamai) (Version:  - Akamai Technologies, Inc)
Ashampoo WinOptimizer 2015 v.11.00.50 (HKLM-x32\...\{4209F371-3276-A8F7-B851-845A83732AB4}_is1) (Version: 11.00.50 - Ashampoo GmbH & Co. KG)
AutoCAD 2014 - Deutsch (German) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - Deutsch (German) (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{556966D9-F7F6-421B-9707-D07901604DDF}) (Version: 5.1.2.1000 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 3.0.159.0 - Autodesk)
Autodesk AutoCAD 2014 - Deutsch (German) (HKLM\...\AutoCAD 2014 - Deutsch (German)) (Version: 19.1.18.0 - Autodesk)
Autodesk AutoCAD Civil 3D 2015 - Deutsch (German) (HKLM\...\Autodesk AutoCAD Civil 3D 2015 - Deutsch (German)) (Version: 10.4.524.0 - Autodesk)
Autodesk AutoCAD Civil 3D 2015 - Deutsch (German) (Version: 10.4.524.0 - Autodesk) Hidden
Autodesk AutoCAD Civil 3D 2015 Language Pack - Deutsch (German) (Version: 10.4.524.0 - Autodesk) Hidden
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
blueconnect (HKLM-x32\...\blueconnect) (Version: 11.302.09.27.49 - Huawei Technologies Co.,Ltd)
CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform)
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3225 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery Manager (HKLM\...\{50B4B603-A4C6-4739-AE96-6C76A0F8A388}) (Version: 1.3.1 - Dell Inc.)
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.81 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.2.57295 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DigitalPersona Fingerprint Software 5.20 (HKLM\...\{C0C2D40A-1231-46FA-8F02-B45E6BF2036A}) (Version: 5.20.230 - DigitalPersona, Inc.)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Dlubal COMPOSITE-BEAM 8.01 64-bit (HKLM\...\Dlubal COMPOSITE-BEAM 8.01 64-bit) (Version: 8.01.0119 - Dlubal Software GmbH)
Dlubal COMPOSITE-BEAM 8.01 64-bit (Version: 8.01.0119 - Dlubal Software GmbH) Hidden
Dlubal CRANEWAY 8.01 64-bit (HKLM\...\Dlubal CRANEWAY 8.01 64-bit) (Version: 8.01.0103 - Dlubal Software GmbH)
Dlubal CRANEWAY 8.01 64-bit (Version: 8.01.0103 - Dlubal Software GmbH) Hidden
Dlubal PLATE-BUCKLING 8.01 64-bit (HKLM\...\Dlubal PLATE-BUCKLING 8.01 64-bit) (Version: 8.01.0119 - Dlubal Software GmbH)
Dlubal PLATE-BUCKLING 8.01 64-bit (Version: 8.01.0119 - Dlubal Software GmbH) Hidden
Dlubal RFEM 5.01 64-bit (HKLM\...\Dlubal RFEM 5.01 64-bit) (Version: 5.01.0119 - Dlubal Software GmbH)
Dlubal RFEM 5.01 64-bit (Version: 5.01.0119 - Dlubal Software GmbH) Hidden
Dlubal RSTAB 8.01 64-bit (HKLM\...\Dlubal RSTAB 8.01 64-bit) (Version: 8.01.0119 - Dlubal Software GmbH)
Dlubal RSTAB 8.01 64-bit (Version: 8.01.0119 - Dlubal Software GmbH) Hidden
Dlubal RX-TIMBER 2.01 64-bit (HKLM\...\Dlubal RX-TIMBER 2.01 64-bit) (Version: 2.01.0119 - Dlubal Software GmbH)
Dlubal RX-TIMBER 2.01 64-bit (Version: 2.01.0119 - Dlubal Software GmbH) Hidden
ESET Smart Security (HKLM\...\{75F06437-40F4-4A65-BC65-FC194D6B7EBA}) (Version: 8.0.304.4 - ESET, spol s r. o.)
ESS Energie Indikator (HKLM-x32\...\{6E83470B-5EE2-407D-ABFC-CC87E070ED8C}) (Version: 20.13.0 - Nemetschek Allplan GmbH)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
General Runtime Files for Allplan 2013-1-5 (x32 Version: 1.7.0.0 - Nemetschek Allplan Systems GmbH) Hidden
General Runtime Files for Allplan 2013-1-5 x64 (Version: 1.4.0.0 - Nemetschek Allplan Systems GmbH) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.2.0.0587 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{0DD706AF-B542-438C-999E-B30C7F625C8D}) (Version: 2.1.39.0 - Intel Corporation)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Project Professional 2013 (HKLM-x32\...\Office15.PRJPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft ReportViewer 2010 SP1 Redistributable (KB2549864) (HKLM-x32\...\{1282C0BC-3B22-33D4-B72E-62922415DDCA}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft Visual Basic PowerPacks 10.0 (HKLM-x32\...\{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}) (Version: 10.0.20911 - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 36.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nemetschek Allplan 2013 (HKLM-x32\...\{FA47FBFD-2F6C-439A-B88C-2FFD6F4AE291}) (Version: 2013.0 - Nemetschek Allplan Systems GmbH)
Nemetschek SoftLock 2006 (HKLM-x32\...\{7262D0C8-41CC-4F75-8383-A6C7C61D7FC6}) (Version: 1.26.55 - Nemetschek Allplan Systems GmbH)
NVIDIA 3D Vision Treiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.15 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6353 - Realtek Semiconductor Corp.)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Screenshot Captor 4.03.00 (HKLM-x32\...\ScreenshotCaptor_is1) (Version:  - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-003B-0000-0000-0000000FF1CE}_Office15.PRJPROR_{115B7592-B71D-4C27-AB34-34268FB199CA}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
SketchUp-Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
TeamSpeak 3 Client (HKU\S-1-5-21-404412235-590163678-2978260805-1002\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeXstudio 2.3 (HKLM-x32\...\TeXstudio_is1) (Version: 2.3.0 - Benito van der Zander)
TweakMe! (HKLM-x32\...\{709D0207-B1F8-4ADC-BB2F-CDBE2367A475}_is1) (Version: 1.3.0.0 - pXc-coding.com)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Validity Sensors DDK (HKLM\...\{10AAF056-7792-497A-ACAF-3BF002196574}) (Version: 4.3.33.0 - Validity Sensors, Inc.)
Verfügbare Autodesk-Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-404412235-590163678-2978260805-1002_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-404412235-590163678-2978260805-1002_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-404412235-590163678-2978260805-1002_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-404412235-590163678-2978260805-1002_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-404412235-590163678-2978260805-1002_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-404412235-590163678-2978260805-1002_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\de-DE\acadficn.dll (Autodesk, Inc.)

==================== Restore Points  =========================

30-03-2015 20:25:59 Ende der Bereinigung
31-03-2015 11:41:37 Windows Update
04-04-2015 19:23:06 Windows Update
10-04-2015 11:14:01 Windows Update
11-04-2015 18:08:41 Windows-Sicherung

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-03-28 00:23 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {009BADA0-A148-4BF9-BB59-403E14DC712A} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.1.1.2\SymErr.exe
Task: {00FE3C61-61E6-42BB-8B82-5C497EC48B27} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.1.1.2\SymErr.exe
Task: {0F063A91-0946-408D-8922-904657B32660} - System32\Tasks\{1EADDBD3-AEB6-4D95-89F6-1F35DB0D5999} => pcalua.exe -a C:\Users\Du$a\Downloads\SA_Uninstall_1315.exe -d C:\Users\Du$a\Downloads
Task: {19FAB500-9BCD-43AE-B1C1-5528FD61F8E1} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-03-20] (PC-Doctor, Inc.)
Task: {1E13E87C-99BE-42D7-81D4-8F75E8786BC1} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {201681F6-D01B-41B6-A9A0-18525374063D} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-03-07] (Oracle Corporation)
Task: {21BCDA1D-16E6-4231-9737-62EC466E7D25} - System32\Tasks\Games\UpdateCheck_S-1-5-21-404412235-590163678-2978260805-1002
Task: {2BCB5EC9-BFB5-4982-B051-C698FBBAE39A} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe
Task: {31A525F8-3ED4-4523-B251-06F9491386FD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {33BC23C5-DAD8-4FBE-90C0-35172712CCE6} - System32\Tasks\WebContent AutoUpdate 2013 => C:\Program Files\Nemetschek\Allplan\prg\NemDownloadHandler.exe [2013-03-01] (Nemetschek Allplan Systems GmbH)
Task: {352CD47B-0895-4B8D-B05A-A4BFD408E78F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.1.1.2\WSCStub.exe
Task: {415F0C1C-048E-4FD7-946D-8AD197EFB831} - System32\Tasks\{3EF36F62-3248-4C53-B40D-D5CEF82B624D} => C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
Task: {477BB1C4-F181-4A7C-832D-17DE5653EB93} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {4FB752E0-CF6F-47C8-91BE-5252E41F1769} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {5CA11383-5A06-49F6-BD3C-B93F946DD6E2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {6FDB1FD7-2C11-40C5-B02F-0936D9AE364F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {7543892D-A886-4672-9803-068B372E22BF} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-03-20] (PC-Doctor, Inc.)
Task: {7818B810-393E-4A7D-A77B-376D469A76AB} - System32\Tasks\One-Click Optimizer WO11
Task: {81CBD590-D7FC-43BB-B18F-489FEAD95E32} - System32\Tasks\{1F89A63E-49C7-4E9C-9635-AB4A72A1D8A7} => C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
Task: {84EB6319-AC02-4C3E-A316-9BD85F8DB850} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {894449B0-BF5D-4257-BE61-D334905440E5} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {8EEB9E7E-C0F7-45B7-9978-D1238329DCF4} - System32\Tasks\AutoUpdate Allplan 2013 => C:\Program Files\Nemetschek\Allplan\prg\NemDownloadHandler.exe [2013-03-01] (Nemetschek Allplan Systems GmbH)
Task: {93E6FA39-5146-4A60-B872-C59DEEEDDF95} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe
Task: {A4FB3E0E-5C4A-4A13-A8D4-9105001C4EEB} - System32\Tasks\{02327FA7-9032-4CED-8626-34617404BBC9} => C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
Task: {A569C717-3CE7-48C2-9275-B78CFA8139DA} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {AA6EEDC5-73D4-4C5D-A3F6-2ADFF25D5050} - System32\Tasks\{55E1C3C3-F490-43D2-9612-C176A15173B1} => C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
Task: {AACEFEA7-912F-43A3-89E2-54C60D192ADB} - System32\Tasks\{2CF5BCDF-A00F-4589-88BA-5D6E93258A7B} => C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
Task: {AFEFDD41-0D79-43A4-BD81-7C9F753A4061} - System32\Tasks\{7E20755E-08EA-40C4-AD16-3D8811E0364A} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {B9F252C0-DC4D-428A-B4A8-8596422C073F} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {BCECFB10-D48A-412E-919D-9AE5E74B1815} - System32\Tasks\{585DEED8-7E27-4FF4-AE8B-DE5768BA4A8B} => C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
Task: {BE52993C-DEF2-499C-A9D7-815F84374A3B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-24] (Piriform Ltd)
Task: {BF98B5DF-7FD5-423F-9550-4FFB5AF5A634} - System32\Tasks\{CC113CB2-B09B-43EA-9029-9634C09790C4} => C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
Task: {D131C2DB-98FA-4FC4-82DC-81348BD4793A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {D5FAB1A0-73C8-4A05-89FA-D9A90B713099} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-03-04] (Dell Inc.)
Task: {E762831E-4841-418F-B23C-E45D3A1E5BD1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-26] (Adobe Systems Incorporated)
Task: {EFA2FE63-FF39-4DD5-A3BD-97CDDAFF8CDE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoUpdate Allplan 2013.job => C:\Program Files\Nemetschek\Allplan\prg\NemDownloadHandler.exe7/f C:\Daten\Nemetschek\Allplan\Std\AllplanUpdate.inf
Task: C:\Windows\Tasks\WebContent AutoUpdate 2013.job => C:\Program Files\Nemetschek\Allplan\prg\NemDownloadHandler.exe…/f C:\Daten\Nemetschek\Allplan\Std\AllplanUpdate.inf /one http:/autoupdate.allplan.com/Updates/Allplan/MyPlan/2013/WebContent.upd

==================== Loaded Modules (whitelisted) ==============

2011-07-28 04:07 - 2011-07-28 04:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2015-02-11 14:25 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-11-12 14:29 - 2011-07-20 15:04 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-11-12 13:27 - 2010-10-01 17:49 - 00727664 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
2011-07-28 04:07 - 2011-07-28 04:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2010-11-29 23:04 - 2010-11-29 23:04 - 00403968 _____ () C:\Program Files\Intel\TurboBoost\de\SignalIslandUi.resources.dll
2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-11-26 17:16 - 2014-09-04 05:41 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-11-26 17:16 - 2014-09-04 05:41 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2011-11-12 14:29 - 2015-03-13 21:41 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-04-11 09:43 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpHost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-404412235-590163678-2978260805-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Du$a\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-404412235-590163678-2978260805-500 - Administrator - Disabled) => C:\Users\Administrator
Allplanuser (S-1-5-21-404412235-590163678-2978260805-1005 - Limited - Disabled) => C:\Users\Allplanuser
Du$a (S-1-5-21-404412235-590163678-2978260805-1002 - Administrator - Enabled) => C:\Users\Du$a
Gast (S-1-5-21-404412235-590163678-2978260805-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-404412235-590163678-2978260805-1003 - Limited - Enabled)
kqkflvknyaq (S-1-5-21-404412235-590163678-2978260805-1004 - Limited - Disabled)
mjdmhhcga (S-1-5-21-404412235-590163678-2978260805-1006 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Adapter
Description: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/13/2015 00:12:52 PM) (Source: MsiInstaller) (EventID: 11310) (User: Dua-PC)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Du$a\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (04/13/2015 00:12:14 PM) (Source: MsiInstaller) (EventID: 11310) (User: Dua-PC)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Du$a\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (04/13/2015 00:12:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 4.1.1943.6202, Zeitstempel: 0x551399be
Name des fehlerhaften Moduls: NvStreamNetworkService.exe, Version: 4.1.1943.6202, Zeitstempel: 0x551399be
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000004e920f
ID des fehlerhaften Prozesses: 0xe60
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3

Error: (04/13/2015 00:11:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/12/2015 08:30:59 PM) (Source: MsiInstaller) (EventID: 11310) (User: Dua-PC)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Du$a\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (04/12/2015 08:30:11 PM) (Source: MsiInstaller) (EventID: 11310) (User: Dua-PC)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Du$a\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (04/12/2015 04:30:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/12/2015 04:13:52 PM) (Source: MsiInstaller) (EventID: 11310) (User: Dua-PC)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Du$a\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (04/12/2015 04:13:20 PM) (Source: MsiInstaller) (EventID: 11310) (User: Dua-PC)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Du$a\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (04/12/2015 03:08:41 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]


System errors:
=============
Error: (04/13/2015 00:11:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Trend Micro Client/Server Security Agent" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/13/2015 00:10:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/13/2015 00:10:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMService erreicht.

Error: (04/12/2015 04:30:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Trend Micro Client/Server Security Agent" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/12/2015 04:30:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NVIDIA Streamer Service erreicht.

Error: (04/12/2015 10:19:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Trend Micro Client/Server Security Agent" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/11/2015 10:49:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Trend Micro Client/Server Security Agent" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/11/2015 07:10:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Trend Micro Client/Server Security Agent" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/11/2015 07:08:25 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎11.‎04.‎2015 um 19:03:49 unerwartet heruntergefahren.

Error: (04/11/2015 06:00:37 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.


Microsoft Office Sessions:
=========================
Error: (04/13/2015 00:12:52 PM) (Source: MsiInstaller) (EventID: 11310) (User: Dua-PC)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Du$a\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/13/2015 00:12:14 PM) (Source: MsiInstaller) (EventID: 11310) (User: Dua-PC)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Du$a\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/13/2015 00:12:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvStreamNetworkService.exe4.1.1943.6202551399beNvStreamNetworkService.exe4.1.1943.6202551399bec000000500000000004e920fe6001d075d2288acdddC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe856e4435-e1c5-11e4-b164-848f69b69108

Error: (04/13/2015 00:11:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/12/2015 08:30:59 PM) (Source: MsiInstaller) (EventID: 11310) (User: Dua-PC)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Du$a\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/12/2015 08:30:11 PM) (Source: MsiInstaller) (EventID: 11310) (User: Dua-PC)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Du$a\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/12/2015 04:30:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/12/2015 04:13:52 PM) (Source: MsiInstaller) (EventID: 11310) (User: Dua-PC)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Du$a\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/12/2015 04:13:20 PM) (Source: MsiInstaller) (EventID: 11310) (User: Dua-PC)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Du$a\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/12/2015 03:08:41 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 43%
Total physical RAM: 8086.17 MB
Available physical RAM: 4579.47 MB
Total Pagefile: 16170.52 MB
Available Pagefile: 12492.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:446.13 GB) (Free:249.41 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 07F2837E)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=19.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=446.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code: Alles auswählenAufklappen

ATTFilter

HKU\S-1-5-21-404412235-590163678-2978260805-1002\...\Policies\Explorer: [] 
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

• Starte nun FRST erneut und klicke den Entfernen Button.
• Das Tool erstellt eine Fixlog.txt.
• Poste mir deren Inhalt.

Wie oft kommt das vor?

hi

Code: Alles auswählenAufklappen

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-04-2015
Ran by Du$a at 2015-04-14 10:40:21 Run:1
Running from C:\Users\Du$a\Desktop
Loaded Profiles: Du$a (Available profiles: Du$a & Allplanuser & Administrator)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-404412235-590163678-2978260805-1002\...\Policies\Explorer: [] 
Emptytemp:
*****************

HKU\S-1-5-21-404412235-590163678-2978260805-1002\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value deleted successfully.
EmptyTemp: => Removed 307.8 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 10:40:32 ====
         

es is wirklich unterschiedlich...bis jetzt ist mir leider kein genauer Zeitintervall aufgefallen,
das einzige was ich sagen kann ist (kann mich aber auch irren):

mein bildschirmschoner schaltet sich nach 5 min ein, der Bildschirm wird schwarz nach 10min (so ist das eingestellt);
manchmal ist es aber so, dass sich der Bildschirmschoner zwar einschaltet (nach 5 min), der Bildschirm allerdings nicht schwarz wird (sollte nach 10min passieren) und der Bildschirm, mit dem akutell laufenden Programm (z.B.: Excel), wieder zu sehen ist.

Wie gesagt kann mich aber auch irren, da ich das nicht explizit beobachtet habe (vielleicht bin ich auch unabsichtlich an der Maus angekommen oder so :P)
lg

Ehm, was hat der Bildschirmschoner mit "aus dem laufenden Programm zurück auf den Deskto geworden werden" zu tun?

naja der bildschirmschoner schaltet sich aus, wenn man eine Aktion (Maus bewegen, Taste drücken, etc.) ausführt. Ich habe mir gedacht, dass diese zusätzliche Info vielleicht helfen könnte, falls es nur für Verwirrung sorgt, dann tut es mir leid und du kannst das ruhig schnell wieder vergessen ...

aus den laufenden Programmen (im Vollbildmodus, Firefox, etc.) werden ich weiterhin auf den Desktop geworfen

ich habe mir gedacht, dass vielleicht mein Antivirus Programm (ESET smart security) das problem verursachen könnte...das ist allerdings ausgeschlossen, da sich der "Gamermodus" einschaltet sobald ich ein Programm im Vollbildmodus öffne, welcher Fenster, Updates, etc. unterdrückt. (habe sogar ESET neu installiert)

lg

Dann schalte den Bildschirmschoner doch mal komplett aus

Ich hab den Bildschirmschoner komplett ausgeschaltet...aus dem Vollbildmodus werde ich trotzdem noch am Desktop geworfen,was mich wundert, da es ca 2 Wochen lang ohne Probleme geklappt hat -.-

ich hoffe du hast noch ander lösungsvorschläge, da das Problem sehr nervig ist

Ist kein Malwareproblem.


Windows Repair Tool laufen lassen:
Windows reparieren - so geht's - Anleitungen

hallo

hatte heute endlich ein bisschen Zeit das Repair Tool laufen zu lassen.

Leider hat das Tool das problem nicht behoben und ich werde immer noch auf den Desktop geworfen , hättest du vl sonst noch irgendwelche Ideen was das Problem verursachen könnte?

danke nochmals für alle Tipps!
lg

Leider nit wirklich.

Wir können noch einen Clean Boot versuchen.


http://support2.microsoft.com/kb/929135/de

Bitte einen Clean Boot machen. Wenn das Problem dann weg ist, einzeln wieder Dienste aktivieren, dazwischen immer einen Reboot machen. Solange bis Du weißt welcher Dienst die Probleme macht.

Diesen dann hier benennen.

hallo

wollte nur mal Bescheid geben, dass der Clean Boot das Problem behoben hat... Ich werde seit mehr als einer Woche nicht mehr auf den Dekstop geworfen

Ich werde nun langsam beginnen die 3. Anbieterprogramme wieder zu aktivieren, sobald ich weiß welches Programm mir dieses Problem verursacht hat, gebe ich dir Bescheid!

danke nochmal!

ok