| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: DHL Spam Mail -> Trojaner/Virus?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
15.06.2015, 15:45
| #1 |
 |  DHL Spam Mail -> Trojaner/Virus? Hallo liebes Trojaner Board Team, es kam vor kurzem eine DHL Spam Mail mit einem PDF Anhang. Mein Vater öffnete diese PDF und klickte darin evtl. (er weiß es nicht mehr genau, ist schon 2 Wochen her) auf einen Link. Habe nun mit Avira einen Suchlauf gemacht und er hat zwar was gefunden (6 was), es ist jedoch möglich, dass das nur Fehlalarme waren, hab sie auf jeden Fall in Quarantäne verschoben. Nun stellt sich für mich die Frage: Habe ich einen Trojaner/Virus bzw. wenn ja, wie bekomme ich diesen wieder runter? PS: Habe Win7 Hoffe ihr könnt mir helfen flowerwithlo Geändert von flowerwithlo (15.06.2015 um 16:20 Uhr) |
|
15.06.2015, 16:56
| #2 |
| /// the machine /// TB-Ausbilder    | DHL Spam Mail -> Trojaner/Virus? hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
15.06.2015, 17:41
| #3 |
| | DHL Spam Mail -> Trojaner/Virus? Mein Benutzer ist kein Admin, soll ich den Scan dann einfach mit nem Admin-Konto ausführen (also bei "als Admin ausführen" einen anderen Admin auswählen) oder mein Konto als Admin machen?!
__________________Danke schon mal für deine Hilfe LG flowerwithlo So, hab den Scan jetzt einfach mal ohne Admin Rechte gemacht: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2015
Ran by Philipp (ATTENTION: The logged in user is not administrator) on SCHEFFLER-PC on 15-06-2015 18:34:54
Running from C:\Users\Philipp\Desktop
Loaded Profiles: Jeffel & Philipp & Beamer & Ellen & Manuel & Manuel (Available Profiles: Jeffel & Philipp & Beamer & Ellen & Manuel & Manuel)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> lsm.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> atiesrxx.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> ADSMSrv.exe
Failed to access process -> AsLdrSrv.exe
Failed to access process -> GFNEXSrv.exe
Failed to access process -> spoolsv.exe
Failed to access process -> sched.exe
Failed to access process -> svchost.exe
Failed to access process -> armsvc.exe
Failed to access process -> avguard.exe
Failed to access process -> AppleMobileDeviceService.exe
Failed to access process -> mDNSResponder.exe
Failed to access process -> svchost.exe
Failed to access process -> escsvc.exe
Failed to access process -> E_S60RP7.EXE
Failed to access process -> svchost.exe
Failed to access process -> DVMExportService.exe
Failed to access process -> PublicWiFiService.exe
Failed to access process -> spmgr.exe
Failed to access process -> ss_conn_service.exe
Failed to access process -> WLIDSVC.EXE
Failed to access process -> Avira.ServiceHost.exe
Failed to access process -> GoogleCrashHandler.exe
Failed to access process -> WLIDSVCM.EXE
Failed to access process -> WmiPrvSE.exe
Failed to access process -> avshadow.exe
Failed to access process -> svchost.exe
Failed to access process -> SearchIndexer.exe
Failed to access process -> alg.exe
Failed to access process -> TrustedInstaller.exe
Failed to access process -> wmpnetwk.exe
Failed to access process -> FABS.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> dllhost.exe
Failed to access process -> OSPPSVC.EXE
Failed to access process -> svchost.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> csrss.exe
Failed to access process -> winlogon.exe
Failed to access process -> atieclxx.exe
Failed to access process -> BatteryLife.exe
Failed to access process -> wcourier.exe
Failed to access process -> HControl.exe
Failed to access process -> ATKOSD.exe
Failed to access process -> KBFiltr.exe
Failed to access process -> WDC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files\ASUS\ATK Media\DMedia.exe
(AlcorMicro Co., Ltd.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
() D:\Gaming Maus\DareUMonitor.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATILEE.EXE
(Dropbox, Inc.) C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
Failed to access process -> WmiPrvSE.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Valve Corporation) D:\Steam\Steam.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
Failed to access process -> SteamService.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
Failed to access process -> SearchProtocolHost.exe
Failed to access process -> svchost.exe
Failed to access process -> SearchFilterHost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1549608 2009-08-17] (Synaptics Incorporated)
HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM\...\Run: [ATKOSD2] => C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS)
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS)
HKLM\...\Run: [AmIcoSinglun] => C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [233472 2009-07-31] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [ADSMTray] => C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [272952 2009-06-24] (ASUSTek Computer Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-11] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Dare-U mouse] => D:\Gaming Maus\DareUMonitor.exe [786432 2012-11-20] ()
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1065024 2014-05-02] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [884440 2015-05-28] (BlueStack Systems, Inc.)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\Launcher\Avira.Systray.exe [130864 2015-05-21] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-644356114-2566177158-2502637254-1004\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-644356114-2566177158-2502637254-1004\...\Run: [DAEMON Tools Lite] => D:\DT\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-644356114-2566177158-2502637254-1004\...\Run: [Steam] => D:\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-644356114-2566177158-2502637254-1004\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [21969480 2015-05-19] (Google)
HKU\S-1-5-21-644356114-2566177158-2502637254-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-644356114-2566177158-2502637254-1004\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILEE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION)
Lsa: [Notification Packages] scecli C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT
Startup: C:\Users\Jeffel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jeffel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2011-03-30]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-12-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2011-03-31]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll [2007-06-15] ()
ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll [2007-06-01] ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
GroupPolicyUsers\S-1-5-21-644356114-2566177158-2502637254-1004\User: Group Policy Restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-644356114-2566177158-2502637254-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/
HKU\S-1-5-21-644356114-2566177158-2502637254-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
HKU\S-1-5-21-644356114-2566177158-2502637254-1004\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.google.de/
URLSearchHook: [S-1-5-21-644356114-2566177158-2502637254-1000] ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKU\S-1-5-21-644356114-2566177158-2502637254-1004 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
URLSearchHook: [S-1-5-21-644356114-2566177158-2502637254-1005] ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: [S-1-5-21-644356114-2566177158-2502637254-1008] ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: [S-1-5-21-644356114-2566177158-2502637254-1011] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1004 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1004 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1004 -> {76193214-59DA-47ED-BB15-3BCACFC2C36A} URL = hxxp://eu.ask.com/web?l=dis&o=APN10147&gct=sb&qsrc=2869&apn_dtid=^YYYYYY^YY^DE&apn_ptnrs=^A6E&apn_uid=1404014489394795&p2=^A6E^YYYYYY^YY^DE&q={searchTerms}
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1004 -> {7B55E28C-0351-41CC-AC14-22094D95924D} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=71BBFB7C-F00D-4E16-9DA1-51512365ABFE&apn_sauid=A57E7053-3C73-4602-928F-51C6D1D21E5C
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1004 -> {B1316728-20A2-4B2A-9CD7-B52C1B2CB91A} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=71BBFB7C-F00D-4E16-9DA1-51512365ABFE&apn_sauid=A57E7053-3C73-4602-928F-51C6D1D21E5C
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1004 -> {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} URL = hxxp://eu.ask.com/web?l=dis&o=APN10147&gct=sb&qsrc=2869&apn_dtid=^YYYYYY^YY^DE&apn_ptnrs=^A6E&apn_uid=1404014489394795&p2=^A6E^YYYYYY^YY^DE&q={searchTerms}
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
Toolbar: HKU\S-1-5-21-644356114-2566177158-2502637254-1004 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-644356114-2566177158-2502637254-1004 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-644356114-2566177158-2502637254-1004 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.177.1
FireFox:
========
FF ProfilePath: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ynkmsd5b.default
FF DefaultSearchEngine: Google.de
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Google.de
FF Homepage: hxxp://de.yahoo.com/|https://www.google.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-20] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-09-07] (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-644356114-2566177158-2502637254-1004: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Philipp\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-10-03] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-02-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-02-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-02-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-02-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-02-16] (Apple Inc.)
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ynkmsd5b.default\searchplugins\ebay-durchsuchen.xml [2012-10-14]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ynkmsd5b.default\searchplugins\firefox-add-ons.xml [2011-07-08]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ynkmsd5b.default\searchplugins\googlede.xml [2012-05-18]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ynkmsd5b.default\searchplugins\suche-in-wikipedia.xml [2011-07-08]
FF SearchPlugin: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ynkmsd5b.default\searchplugins\youtube-videosuche.xml [2012-07-07]
FF Extension: Avira Browser Safety - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ynkmsd5b.default\Extensions\abs@avira.com [2015-05-30]
FF Extension: LavaFox V2-Purple - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ynkmsd5b.default\Extensions\zigboom555@aol.com [2015-05-05]
FF Extension: Blue Fox - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ynkmsd5b.default\Extensions\{241aae70-0022-11de-87af-0800200c9a66} [2014-07-31]
FF Extension: Bloody Red - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ynkmsd5b.default\Extensions\{2458abc0-f443-11dd-87af-0800200c9a66} [2013-08-19]
FF Extension: FT DeepDark - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ynkmsd5b.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-04-22]
FF Extension: Add to Amazon Wish List Button - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ynkmsd5b.default\Extensions\amznUWL2@amazon.com.xpi [2013-09-15]
FF Extension: YouTube to MP3 - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ynkmsd5b.default\Extensions\youtube2mp3@mondayx.de.xpi [2012-01-19]
FF Extension: ProxTube - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ynkmsd5b.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2014-07-31]
FF Extension: AniWeather - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ynkmsd5b.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2011-07-08]
FF Extension: Nuri - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ynkmsd5b.default\Extensions\{beab8ae9-eb2d-4ded-3b29-d35f6b82bfa5}.xpi [2012-12-23]
FF Extension: Adblock Plus - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\ynkmsd5b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-07-31]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-06-02]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-12-13]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-06-02]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ADSMService; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [File not signed]
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [450808 2015-06-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-11] (Avira Operations GmbH & Co. KG)
R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-15] (ASUS)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [208632 2015-05-21] (Avira Operations GmbH & Co. KG)
S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [433880 2015-05-28] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [413400 2015-05-28] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [806616 2015-05-28] (BlueStack Systems, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [126128 2012-05-17] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE [143424 2013-04-26] (SEIKO EPSON CORPORATION)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
R2 lmhosts; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 MDES; C:\ASUS.SYS\DVMExportService.exe [307200 2008-10-21] (DeviceVM) [File not signed]
R2 MyPublicWiFiService; C:\Program Files\MyPublicWiFi\PublicWiFiService.exe [756224 2013-04-03] () [File not signed]
R2 NlaSvc; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1997168 2015-06-08] (Electronic Arts)
R2 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
R2 ss_conn_service; D:\Samsung Kies\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 WinHttpAutoProxySvc; winhttp.dll [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [25600 2009-07-24] (Alcor Micro, Corp.)
R0 AsDsm; C:\Windows\system32\Drivers\AsDsm.sys [30264 2009-12-25] (ASUSTek Computer Inc)
R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108448 2015-06-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136728 2015-06-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-20] (Avira Operations GmbH & Co. KG)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [105728 2014-09-29] (AVM Berlin)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [105728 2014-09-29] (AVM Berlin)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [37896 2015-03-11] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [131288 2015-05-28] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-11-21] (Disc Soft Ltd)
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [20936 2007-08-03] ()
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15416 2009-06-18] (Windows (R) Win 7 DDK provider)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [14392 2009-05-13] (ASUS)
R1 ndiskhaz; C:\Windows\System32\DRIVERS\ndiskhaz.sys [25416 2012-12-07] (Khalil Azzouzi)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1766592 2009-06-05] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2013-11-21] (Duplex Secure Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-06-11] (Avira Operations GmbH & Co. KG)
R3 stdriver; C:\Windows\System32\DRIVERS\stdriver32.sys [52312 2012-06-21] (NCH Software)
U3 asify6mi; C:\Windows\system32\Drivers\asify6mi.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
U3 aydu7eur; C:\Windows\system32\Drivers\aydu7eur.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 ipswuio; System32\DRIVERS\ipswuio.sys [X]
S3 RTHDMIAzAudService; system32\drivers\RtHDMIV.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-15 18:32 - 2015-06-15 18:36 - 00028900 _____ C:\Users\Philipp\Desktop\FRST.txt
2015-06-15 18:32 - 2015-06-15 18:35 - 00000000 ____D C:\FRST
2015-06-15 18:13 - 2015-06-15 18:13 - 01148416 _____ (Farbar) C:\Users\Philipp\Desktop\FRST.exe
2015-06-14 18:33 - 2015-06-14 18:33 - 00002991 _____ C:\Users\Philipp\AppData\Local\recently-used.xbel
2015-06-14 16:21 - 2015-06-14 16:21 - 00000012 ____H C:\dvmexp.idx
2015-06-14 08:12 - 2015-06-14 08:12 - 00000000 ___HD C:\dvmexp
2015-06-13 14:19 - 2015-06-13 14:19 - 00000000 ____D C:\Users\Jeffel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-13 14:18 - 2015-06-15 18:23 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1000UA.job
2015-06-13 14:18 - 2015-06-15 14:23 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1000Core.job
2015-06-13 14:18 - 2015-06-13 14:18 - 00000000 ____D C:\Users\Jeffel\AppData\Local\Dropbox
2015-06-13 14:18 - 2015-06-13 14:18 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-11 18:41 - 2015-06-11 18:41 - 00001085 _____ C:\Users\Public\Desktop\Avira.lnk
2015-06-10 10:09 - 2015-06-02 21:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 10:09 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 10:09 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 10:09 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 10:09 - 2015-05-23 05:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 10:09 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 10:09 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 10:09 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 10:09 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 10:09 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 10:09 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 10:09 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 10:09 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 10:09 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 10:09 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 10:09 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 10:09 - 2015-05-23 05:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 10:09 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 10:09 - 2015-05-23 05:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 10:09 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 10:09 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 10:09 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 10:09 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 10:09 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 10:09 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 10:09 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 10:09 - 2015-05-23 04:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 10:09 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 10:09 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 10:09 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 10:09 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 10:09 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 10:09 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 10:09 - 2015-05-22 20:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 10:09 - 2015-05-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 10:09 - 2015-05-22 20:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 10:09 - 2015-05-22 20:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 10:09 - 2015-05-22 20:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 10:09 - 2015-05-22 20:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 10:09 - 2015-05-22 19:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 10:09 - 2015-05-21 15:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 10:08 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-06-10 10:08 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 10:08 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 10:08 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 10:08 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 10:08 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 10:08 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 10:08 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 10:08 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 10:08 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 10:08 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 10:08 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 10:08 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 10:08 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 10:08 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 10:08 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 10:08 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 10:08 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 10:08 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 10:08 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 10:08 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 10:08 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 10:08 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 10:08 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 10:08 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 10:08 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 10:08 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 10:08 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 10:08 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 10:08 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-09 17:20 - 2015-06-09 17:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-06-09 17:20 - 2015-06-09 17:21 - 00000000 ____D C:\Program Files\BlueStacks
2015-06-09 17:20 - 2015-06-09 17:20 - 00000000 ____D C:\ProgramData\BlueStacks
2015-06-09 17:18 - 2015-06-09 17:18 - 15738056 _____ C:\Users\Philipp\Downloads\CloudMusic_official_2.7.1.apk
2015-06-09 17:18 - 2015-06-09 17:18 - 14155832 _____ (BlueStack Systems Inc.) C:\Users\Philipp\Downloads\BlueStacks-ThinInstaller.exe
2015-06-09 15:44 - 2015-05-09 05:14 - 02937344 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-09 15:44 - 2015-05-09 05:14 - 02045952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-09 15:44 - 2015-05-09 05:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-09 15:44 - 2015-05-09 05:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-09 15:44 - 2015-05-09 05:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-09 15:44 - 2015-05-09 05:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-09 15:44 - 2015-05-09 05:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-09 15:44 - 2015-05-09 05:13 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-09 15:44 - 2015-05-09 05:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-09 15:44 - 2015-05-09 05:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-09 15:44 - 2015-05-09 05:13 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-06-06 18:11 - 2015-06-06 18:11 - 00000000 ____D C:\Users\Beamer\AppData\Local\GWX
2015-06-06 11:34 - 2015-06-07 21:06 - 00000000 ____D C:\Users\Philipp\Documents\Joerg Riesa
2015-06-04 19:22 - 2015-06-04 19:22 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-06-03 16:37 - 2015-06-03 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-06-02 15:47 - 2015-06-04 18:42 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-06-01 20:38 - 2015-06-01 20:38 - 00000000 ____D C:\Users\Jeffel\AppData\Local\GWX
2015-06-01 18:03 - 2015-06-01 18:03 - 00000000 ____D C:\Users\Philipp\AppData\Local\GWX
2015-05-31 15:23 - 2015-05-31 15:43 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Dual Monitor
2015-05-31 15:23 - 2015-05-31 15:23 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dual Monitor
2015-05-20 19:51 - 2015-05-20 19:51 - 00177664 _____ C:\Users\Philipp\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-20 17:18 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-05-20 17:18 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-20 17:18 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-05-17 19:56 - 2015-06-15 17:56 - 00000917 _____ C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {00F3F166-48F4-41CC-97B5-0BCDE58D612F}.job
2015-05-17 19:56 - 2015-06-15 17:56 - 00000731 _____ C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {00F3F166-48F4-41CC-97B5-0BCDE58D612F}.job
2015-05-16 09:04 - 2015-05-16 09:04 - 00172295 _____ C:\Users\Philipp\Documents\Konfiguration FritzBox.xps
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-15 18:19 - 2012-04-04 22:24 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-15 18:10 - 2014-12-31 17:10 - 00000917 _____ C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {5ED40A39-9E20-4A57-9853-44602CD12F7A}.job
2015-06-15 18:10 - 2014-12-31 17:10 - 00000731 _____ C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {5ED40A39-9E20-4A57-9853-44602CD12F7A}.job
2015-06-15 18:10 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-06-15 18:04 - 2010-01-31 18:04 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-15 17:04 - 2013-11-21 19:48 - 00000000 ____D C:\Users\Beamer\AppData\Roaming\DAEMON Tools Lite
2015-06-15 16:40 - 2009-12-25 17:20 - 00019456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-15 16:40 - 2009-12-25 17:20 - 00019456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-15 16:39 - 2012-12-17 20:34 - 00000000 ___RD C:\Users\Philipp\Documents\Dropbox
2015-06-15 16:38 - 2014-07-12 11:12 - 00000000 ___RD C:\Users\Philipp\Google Drive
2015-06-15 16:38 - 2010-12-01 14:28 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Dropbox
2015-06-15 16:35 - 2010-01-31 18:04 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-15 08:20 - 2009-12-25 18:22 - 01411283 _____ C:\Windows\WindowsUpdate.log
2015-06-15 06:48 - 2010-09-11 19:48 - 00000000 ____D C:\Users\Jeffel\AppData\Roaming\Skype
2015-06-15 06:45 - 2014-07-30 10:13 - 00000000 __SHD C:\Users\Jeffel\AppData\Local\EmieUserList
2015-06-15 06:45 - 2014-07-30 10:13 - 00000000 __SHD C:\Users\Jeffel\AppData\Local\EmieSiteList
2015-06-15 06:11 - 2009-08-20 05:40 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-14 20:33 - 2012-12-30 21:21 - 00000000 ___RD C:\Users\Jeffel\Dropbox
2015-06-14 20:33 - 2012-12-30 21:17 - 00000000 ____D C:\Users\Jeffel\AppData\Roaming\Dropbox
2015-06-14 19:33 - 2010-10-18 18:21 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Skype
2015-06-14 18:34 - 2014-11-23 16:42 - 00000000 ____D C:\Users\Philipp\.gimp-2.8
2015-06-14 17:18 - 2013-03-30 18:22 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\.minecraft
2015-06-14 16:36 - 2014-11-23 16:44 - 00000000 ____D C:\Users\Philipp\AppData\Local\gtk-2.0
2015-06-14 16:21 - 2009-08-19 05:27 - 00000000 ___HD C:\temp
2015-06-14 08:15 - 2013-02-10 11:44 - 00000438 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-06-14 08:12 - 2015-04-02 11:31 - 00244957 _____ C:\Windows\setupact.log
2015-06-14 08:12 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-13 13:07 - 2014-07-12 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-06-11 18:47 - 2015-04-04 08:21 - 00002266 _____ C:\Windows\PFRO.log
2015-06-11 18:47 - 2011-10-20 18:09 - 00000000 ____D C:\ProgramData\Avira
2015-06-11 18:41 - 2014-08-25 20:44 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-11 18:40 - 2015-03-05 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-11 18:40 - 2012-11-02 20:39 - 00000000 ____D C:\Program Files\Avira
2015-06-11 12:09 - 2012-11-02 20:40 - 00136728 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-06-11 12:09 - 2012-11-02 20:40 - 00108448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-06-11 12:09 - 2012-11-02 20:40 - 00031848 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\ssmdrv.sys
2015-06-11 09:32 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-06-11 08:13 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-06-10 17:55 - 2014-05-29 20:43 - 00000000 ____D C:\Users\Philipp\.android
2015-06-10 17:19 - 2012-04-04 22:24 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-10 17:19 - 2011-06-10 19:15 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-10 15:43 - 2015-04-02 11:30 - 00572992 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 15:05 - 2014-12-10 22:23 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-10 15:05 - 2014-04-26 10:01 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-10 15:04 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-06-10 10:31 - 2009-08-19 04:00 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-10 10:25 - 2013-07-28 23:00 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 10:14 - 2009-12-29 22:28 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-09 17:21 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Public\Libraries
2015-06-08 18:27 - 2013-06-17 09:00 - 00000000 ____D C:\ProgramData\Origin
2015-06-08 18:20 - 2013-06-17 11:51 - 00000000 ____D C:\Users\Beamer\AppData\Roaming\Origin
2015-06-08 18:14 - 2013-06-17 09:00 - 00000000 ____D C:\Program Files\Origin
2015-06-08 17:04 - 2013-11-27 20:45 - 00000000 ____D C:\Program Files\Common Files\Steam
2015-06-07 08:24 - 2009-12-25 20:08 - 00000354 _____ C:\Windows\Tasks\Driver Robot.job
2015-06-06 10:46 - 2012-05-17 13:18 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Notepad++
2015-06-04 19:21 - 2009-08-19 04:20 - 00000000 ____D C:\Program Files\Google
2015-06-04 18:42 - 2012-05-11 15:08 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-06-03 16:42 - 2014-04-28 18:03 - 00000000 ____D C:\Program Files\CCleaner
2015-05-31 15:54 - 2012-12-22 15:49 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Audacity
2015-05-30 22:11 - 2009-11-24 20:19 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2015-05-30 12:55 - 2010-03-06 18:42 - 00000000 ____D C:\Users\Jeffel\Documents\Kigo
2015-05-27 18:16 - 2010-01-25 18:43 - 00000000 ____D C:\Users\Jeffel\Documents\Telefon
2015-05-26 11:56 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-21 21:22 - 2011-08-28 09:47 - 00000000 ____D C:\Users\Beamer
2015-05-20 20:24 - 2012-11-02 20:40 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-05-20 17:19 - 2015-04-04 20:15 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-20 17:07 - 2010-10-21 17:44 - 00000000 ____D C:\Users\Philipp\AppData\Local\Adobe
2015-05-20 17:06 - 2011-08-28 10:41 - 00000000 ____D C:\Users\Beamer\AppData\Local\Adobe
2015-05-16 20:06 - 2012-07-28 22:41 - 00000000 ____D C:\Windows\Minidump
2015-05-16 19:42 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2015-05-16 08:11 - 2010-12-01 14:28 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
==================== Files in the root of some directories =======
2007-06-12 10:34 - 2007-06-12 10:34 - 0035822 _____ () C:\Program Files\Common Files\ASPG_icon.ico
2008-05-22 09:35 - 2008-05-22 09:35 - 0051962 _____ () C:\Program Files\Common Files\banner.jpg
2009-04-08 11:31 - 2009-04-08 11:31 - 0106496 _____ () C:\Program Files\Common Files\CPInstallAction.dll
2008-08-11 22:45 - 2008-08-11 22:45 - 0155648 _____ (ASUS) C:\Program Files\Common Files\MSIactionall.dll
2013-06-01 21:00 - 2013-06-03 12:18 - 0004143 _____ () C:\Users\Philipp\AppData\Roaming\FTBLauncherLog.txt
2013-06-01 21:00 - 2013-06-03 12:23 - 0078208 _____ () C:\Users\Philipp\AppData\Roaming\MinecraftLog.txt
2012-06-19 14:26 - 2012-06-19 14:26 - 0041472 ___SH () C:\Users\Philipp\AppData\Roaming\Thumbs.db
2010-11-19 20:11 - 2013-02-02 12:46 - 0010240 _____ () C:\Users\Philipp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-14 18:33 - 2015-06-14 18:33 - 0002991 _____ () C:\Users\Philipp\AppData\Local\recently-used.xbel
2012-04-17 18:47 - 2012-04-17 18:47 - 0000017 _____ () C:\Users\Philipp\AppData\Local\resmon.resmoncfg
2010-09-11 19:55 - 2010-09-11 19:55 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
Files to move or delete:
====================
C:\Users\Jeffel\i2errDeu.dll
Some files in TEMP:
====================
C:\Users\Beamer\AppData\Local\Temp\atcMedia1291428144436.exe
C:\Users\Beamer\AppData\Local\Temp\avgnt.exe
C:\Users\Jeffel\AppData\Local\Temp\AskSLib.dll
C:\Users\Jeffel\AppData\Local\Temp\AutoRun.exe
C:\Users\Jeffel\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Jeffel\AppData\Local\Temp\avgnt.exe
C:\Users\Jeffel\AppData\Local\Temp\Delay.exe
C:\Users\Jeffel\AppData\Local\Temp\DirectoryRemovalUtility.exe
C:\Users\Jeffel\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Jeffel\AppData\Local\Temp\drm_dyndata_7370012.dll
C:\Users\Jeffel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpw138tc.dll
C:\Users\Jeffel\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Jeffel\AppData\Local\Temp\FlashPlayerUpdate01.exe
C:\Users\Jeffel\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\Jeffel\AppData\Local\Temp\i4jdel0.exe
C:\Users\Jeffel\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Users\Jeffel\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\Jeffel\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\Jeffel\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\Jeffel\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Jeffel\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Jeffel\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Jeffel\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Jeffel\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Jeffel\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Jeffel\AppData\Local\Temp\mpsetup.exe
C:\Users\Jeffel\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Jeffel\AppData\Local\Temp\ose00000.exe
C:\Users\Jeffel\AppData\Local\Temp\PicasaUpdater_7e04.exe
C:\Users\Jeffel\AppData\Local\Temp\RemoveGO.exe
C:\Users\Jeffel\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Jeffel\AppData\Local\Temp\sdapskill.exe
C:\Users\Jeffel\AppData\Local\Temp\setup.exe
C:\Users\Jeffel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jeffel\AppData\Local\Temp\uninst1.exe
C:\Users\Jeffel\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Jeffel\AppData\Local\Temp\_is9E90.exe
C:\Users\Jeffel\AppData\Local\Temp\_isBF68.exe
C:\Users\Philipp\AppData\Local\Temp\avgnt.exe
C:\Users\Philipp\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvefjun.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of log ============================
Und noch die Addition.txt: [CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x86) Version: 13-06-2015
Ran by Philipp at 2015-06-15 18:37:28
Running from C:\Users\Philipp\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-644356114-2566177158-2502637254-500 - Administrator - Disabled)
Beamer (S-1-5-21-644356114-2566177158-2502637254-1005 - Administrator - Enabled) => C:\Users\Beamer
Ellen & Manuel (S-1-5-21-644356114-2566177158-2502637254-1008 - Limited - Enabled) => C:\Users\Ellen & Manuel
Gast (S-1-5-21-644356114-2566177158-2502637254-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-644356114-2566177158-2502637254-1010 - Limited - Enabled)
Jeffel (S-1-5-21-644356114-2566177158-2502637254-1000 - Administrator - Enabled) => C:\Users\Jeffel
Manuel (S-1-5-21-644356114-2566177158-2502637254-1011 - Limited - Enabled) => C:\Users\Manuel
Philipp (S-1-5-21-644356114-2566177158-2502637254-1004 - Limited - Enabled) => C:\Users\Philipp
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1&1 SmartFax (HKLM\...\1&1 SmartFax) (Version: 2.00.224 - 1&1 Internet AG)
3dPageFlip Editor (HKLM\...\3dPageFlip PDF Editor_is1) (Version: - 3dPageFlip Solution)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adblock Plus für IE (32-Bit) (HKLM\...\{654F389B-E402-4F7B-BA6D-DA732BB57ACB}) (Version: 1.4 - Eyeo GmbH)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM\...\AmUStor) (Version: 1.4.1217.35202 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (Version: 1.4.1217.35202 - Alcor Micro Corp.) Hidden
Apple Application Support (32-Bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS CopyProtect (HKLM\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS)
ASUS Data Security Manager (HKLM\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0014 - ASUS)
ASUS FancyStart (HKLM\...\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}) (Version: 1.0.6 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS)
ASUS Power4Gear eXtreme (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.0.19 - ASUS)
ASUS SmartLogon (HKLM\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Touch Pad Extra (HKLM\...\{DB891739-2EB3-45A8-9CBD-941C255CECD4}) (Version: - )
ASUS Virtual Camera (HKLM\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.19 - asus)
Asus_Camera_ScreenSaver (HKLM\...\Asus_Camera_ScreenSaver) (Version: 2.0.0008 - ASUS)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{0AE24BD5-185C-436C-D93D-50574523C6C4}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
ATK Generic Function Service (HKLM\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0053 - ASUS)
ATK Media (HKLM\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0006 - ASUS)
ATKOSD2 (HKLM\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0006 - ASUS)
aTube Catcher (HKLM\...\aTube Catcher) (Version: 2.9.1462 - DsNET Corp)
aTube Catcher Version 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.0.2 (HKLM\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Avanquest update (HKLM\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.29 - Avanquest Software)
Avidemux 2.6 (32-bit) (HKLM\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
Avira (HKLM\...\{0696cc37-db90-4000-be99-4a173ca7c8af}) (Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.11.574 - Avira Operations GmbH & Co. KG)
Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-644356114-2566177158-2502637254-1004\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.4.1.29781 - Ask.com) <==== ATTENTION
Bandicam (HKLM\...\Bandicam) (Version: 1.8.5.302 - Bandisoft.com)
Battlefield 1942™ (HKLM\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Bejeweled® 3 (HKLM\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.9.27.5408 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM\...\{C1F53C9F-C560-4292-9237-12786FE6BF62}) (Version: 0.9.27.5408 - BlueStack Systems, Inc.)
Bob baut einen Park (HKLM\...\{367EDD83-302F-48E6-8F77-B0B056125C2D}) (Version: 1.0.0 - )
Bob der Baumeister (HKLM\...\{8F2D21F9-F428-4EF2-8111-953EF3299EFB}) (Version: 1.0.0 - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version: - )
Canon MP490 series Benutzerregistrierung (HKLM\...\Canon MP490 series Benutzerregistrierung) (Version: - )
Canon MP490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP490_series) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Construction-Simulator 2015 (HKLM\...\Steam App 289950) (Version: - weltenbauer. Software Entwicklung GmbH)
Core Temp version 0.99.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 0.99.7 - Arthur Liberman)
Crusader No Remorse (HKLM\...\{2AEA735F-B393-4D89-93EF-5849CB72B4A3}) (Version: 1.0.0.2 - Electronic Arts)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1720 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.2713 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Diercke Globus Online (HKLM\...\Diercke Globus Online) (Version: 3.1.0 - Imagon GmbH)
dm-Fotowelt (HKLM\...\dm-Fotowelt) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
Dolby Control Center (HKLM\...\{0F3C61B5-3051-4DE6-8A6A-45100BCC1F41}) (Version: 1.2.0704 - Dolby)
Dropbox (HKU\S-1-5-21-644356114-2566177158-2502637254-1004\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
Druckerdeinstallation für EPSON XP-312 313 315 Series (HKLM\...\EPSON XP-312 313 315 Series) (Version: - SEIKO EPSON Corporation)
Druckerdeinstallation für EPSON XP-412 413 415 Series (HKLM\...\EPSON XP-412 413 415 Series) (Version: - SEIKO EPSON Corporation)
Dual Monitor 1.22 (HKU\S-1-5-21-644356114-2566177158-2502637254-1004\...\{64AA3F94-ED4A-4A4B-B72C-B7A1481ED5D8}_is1) (Version: 1.22.021813 - Cristi Diaconu)
EA SPORTS FIFA World (HKLM\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 9.5.0.61021 - Electronic Arts, Inc.)
Epson Connect Printer Setup (HKLM\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON-Handbücher (HKLM\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Express Gate (HKLM\...\{62CF8923-31DC-4285-A23C-17CE5AA6A679}) (Version: 1.0.3.2 - DeviceVM, Inc.)
F1 2013 (HKLM\...\Steam App 223670) (Version: - Codemasters Birmingham)
FIFA 09 (HKLM\...\{2315B23D-3E21-4920-837D-AE6460934ECB}) (Version: 1.0.1.1 - Electronic Arts)
Firebird SQL Server - MAGIX Edition (HKLM\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Globus Fotoservice 4.4 (HKLM\...\Globus Fotoservice_is1) (Version: - )
Google Drive (HKLM\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Hot Wheels (HKU\S-1-5-21-644356114-2566177158-2502637254-1004\...\{CF36DD86-81D3-4D91-8F7A-344E0C1A4BFD}) (Version: 1.00.0000 - Activision Value)
iCloud (HKLM\...\{9A07AB4F-6B53-43E9-B7FC-7892E8C26BE3}) (Version: 4.1.1.53 - Apple Inc.)
Isola LEGO 2 (HKLM\...\{85967580-EBC2-11D4-AEA3-0050046A88ED}) (Version: - )
iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
KingsoftOfficeXPlats 1.4 (HKLM\...\KingsoftOfficeXPlats) (Version: 1.4 - Kingsoft)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
LBOTS Top mouse Driver (HKLM\...\{F1A273BD-6A9E-41D8-A111-5E56ACD286F8}) (Version: 1.0 - Togran)
LEGO Racers 2 (HKLM\...\{3DD2E9EA-0544-4162-B8BE-E21E994E9F3B}) (Version: - )
LEGO® Star Wars™: Die Komplette Saga (HKLM\...\InstallShield_{D596980D-17BE-4425-B8F0-5640719AADE9}) (Version: 1.00.0000 - LucasArts)
LEGO® Star Wars™: The Complete Saga (Version: 1.00.0000 - LucasArts) Hidden
LEGOLAND (HKLM\...\LEGOLANDDeInstKey) (Version: - )
Logitech Gaming Software (HKLM\...\{648F9C94-EC44-487B-9DA4-44ED72A082CC}) (Version: 4.50 - )
MAGIX Speed burnR (MSI) (HKLM\...\MX.{16884C3D-3512-486D-A2F9-39071551BFEF}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 (HKLM\...\MX.{EA62B22F-AB0A-406B-80A9-8036D3CE3446}) (Version: 13.0.2.8 - MAGIX AG)
MAGIX Video deluxe 2014 (Version: 13.0.2.8 - MAGIX AG) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0407-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{AC4C38FD-A54C-4CA5-92EE-D983CD81293E}) (Version: 1.20.146.0 - Microsoft)
Minecraft (HKLM\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minigolf (HKLM\...\Minigolf_is1) (Version: - Meridian93)
Monkey's Adventures (HKLM\...\Monkey's Adventures_is1) (Version: - play-publishing.com)
Motorola Driver Installation 3.4.0 (HKLM\...\{81B3BEF9-5D97-4096-86E9-5B48A5BC32D0}) (Version: 3.4.0 - Motorola Inc.)
Motorola Phone Tools (HKLM\...\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}) (Version: 5.0.7a 4/01/2008 - Avanquest Software)
Motorola Phone Tools (Version: 4.30 - BVRP Software) Hidden
Motorola Phone Tools (Version: 5.00 - BVRP Software) Hidden
Mozilla Firefox 38.0.5 (x86 de) (HKLM\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPublicWiFi 5.1 (HKLM\...\{C08D782B-9281-406B-ABCE-326DA70B8A1F}_is1) (Version: - TRUE Software)
Mystery P.I. - The London Caper (HKLM\...\Mystery P.I. - The London Caper) (Version: - PopCap Games)
NB Probe (HKLM\...\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}) (Version: - )
Need For Speed™ World (HKLM\...\{3AF1B16A-7DC9-4C80-BAEC-70B088A7C5B8}) (Version: 1.0.0.0 - Electronic Arts)
Net4Switch (HKLM\...\{9D6D7811-43B3-463C-BC79-5D1755269989}) (Version: 1.00.0019 - ASUS)
Norton Internet Security (Version: 16.0.0.125 - Symantec Corporation) Hidden
Notepad++ (HKLM\...\Notepad++) (Version: 6.1.2 - )
OpenAL (HKLM\...\OpenAL) (Version: - )
Oracle VM VirtualBox 4.3.2 (HKLM\...\{91E5A436-8560-4621-9F26-D7050D078832}) (Version: 4.3.2 - Oracle Corporation)
Origin (HKLM\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
pdfsam (HKLM\...\pdfsam) (Version: 2.2.0 - )
Peter Lustigs Verkehrsschule (HKLM\...\Verkehrsschule) (Version: - )
Pflanzen gegen Zombies™ (HKLM\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Roads Of Rome (HKLM\...\Roads Of Rome_is1) (Version: - Realore Studios)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15024.5 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.3.15024.5 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SimCity 2000 Special Edition (HKLM\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
SimCity™ (HKLM\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype™ 7.1 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Software Updater (HKLM\...\{E1BAD1BA-C0E8-4018-9281-E7D2C6B07474}) (Version: 4.3.6 - SEIKO EPSON CORPORATION)
Steam (HKLM\...\Steam) (Version: - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.1.1 - Synaptics Incorporated)
Syndicate (HKLM\...\{64CFBAAB-46F7-4628-8D9B-E656A8C11CDB}) (Version: 2.0.0.3 - Electronic Arts)
System Requirements Lab CYRI (HKLM\...\{E77DA909-3532-4C95-AFEB-06310E88462A}) (Version: 6.0.3.0 - Husdawg, LLC)
Theme Hospital (HKLM\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts)
TIPP10 Version 2.1.0 (HKLM\...\TIPP10_is1) (Version: - (c) 2006-2011, Tom Thielicke IT Solutions)
TmNationsForever (HKLM\...\TmNationsForever_is1) (Version: - Nadeo)
TOGGO PC-Spielebox 2 (HKLM\...\{67EECE0C-8B6C-4D09-989D-D39BC9BBCA0E}) (Version: 1.00.0000 - )
Toyland Racer (HKLM\...\Toyland Racer) (Version: - )
Unified Remote (HKLM\...\{D7930C67-5816-417B-BF28-54BB75EFDAF9}) (Version: 2.14.4.0 - Unified Remote)
Unity Web Player (HKU\S-1-5-21-644356114-2566177158-2502637254-1004\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
upapp (HKLM\...\{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}) (Version: 0.20.0000 - Hewlett-Packard)
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - )
Werksfeuerwehr-Simulator Version 1.0 (HKLM\...\{5F7ED0CD-E04E-4441-9E03-10AFDB654E96}_is1) (Version: - rondomedia Marketing & Vertriebs GmbH)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinFlash (HKLM\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.29.0 - ASUS)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Wireless Console 2 (HKLM\...\{83F73CB1-7705-49D1-9852-84D839CA2A45}) (Version: 2.0.10 - ATK)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled
Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job =>
Task: C:\Windows\Tasks\Driver Robot.job =>
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1000Core.job =>
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1000UA.job =>
Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {5ED40A39-9E20-4A57-9853-44602CD12F7A}.job =>
Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {5ED40A39-9E20-4A57-9853-44602CD12F7A}.job =>
Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {00F3F166-48F4-41CC-97B5-0BCDE58D612F}.job =>
Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {00F3F166-48F4-41CC-97B5-0BCDE58D612F}.job =>
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job =>
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job =>
==================== Loaded Modules (Whitelisted) ==============
2007-06-15 11:28 - 2007-06-15 11:28 - 00147456 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
2007-06-01 18:08 - 2007-06-01 18:08 - 00143360 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
2013-12-24 20:39 - 2012-11-20 00:44 - 00786432 _____ () D:\Gaming Maus\DareUMonitor.exe
2013-12-24 20:39 - 2013-03-27 13:48 - 00057344 _____ () D:\Gaming Maus\lan.dll
2013-12-24 20:39 - 2012-04-19 18:15 - 00061440 _____ () D:\Gaming Maus\hiddriver.dll
2015-05-08 20:50 - 2015-05-08 20:50 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-06-15 16:36 - 2015-06-15 16:36 - 00043008 _____ () c:\users\philipp\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvefjun.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Philipp\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Philipp\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Philipp\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Philipp\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-06-15 16:35 - 2015-06-15 16:35 - 00098816 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\win32api.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00110080 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\pywintypes27.dll
2015-06-15 16:35 - 2015-06-15 16:35 - 00364544 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\pythoncom27.dll
2015-06-15 16:35 - 2015-06-15 16:35 - 00045568 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\_socket.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 01161216 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\_ssl.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00320512 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\win32com.shell.shell.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00713216 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\_hashlib.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 01175040 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\wx._core_.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00805888 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\wx._gdi_.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00811008 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\wx._windows_.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 01062400 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\wx._controls_.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00735232 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\wx._misc_.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00682496 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\pysqlite2._sqlite.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00087552 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\_ctypes.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00119808 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\win32file.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00108544 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\win32security.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00007168 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\hashobjs_ext.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00026624 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\usb_ext.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00167936 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\win32gui.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00018432 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\win32event.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00128512 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\_elementtree.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00127488 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\pyexpat.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00013824 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\common.time34.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00036864 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\_psutil_windows.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00038912 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\win32inet.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00011264 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\win32crypt.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00070656 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\wx._html2.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00027136 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\_multiprocessing.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00020480 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\_yappi.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00035840 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\win32process.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00686080 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\unicodedata.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00122368 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\wx._wizard.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00024064 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\win32pipe.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00010240 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\select.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00025600 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\win32pdh.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00525640 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\windows._lib_cacheinvalidation.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00017408 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\win32profile.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00022528 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\win32ts.pyd
2015-06-15 16:35 - 2015-06-15 16:35 - 00078336 _____ () C:\Users\Philipp\AppData\Local\Temp\_MEI62202\wx._animate.pyd
2013-11-27 20:48 - 2015-04-16 19:40 - 00776192 _____ () D:\Steam\SDL2.dll
2015-01-24 17:49 - 2015-04-23 04:16 - 04962816 _____ () D:\Steam\v8.dll
2015-01-24 17:49 - 2015-04-23 04:16 - 01556992 _____ () D:\Steam\icui18n.dll
2015-01-24 17:49 - 2015-04-23 04:16 - 01187840 _____ () D:\Steam\icuuc.dll
2014-05-22 17:04 - 2015-06-04 20:56 - 02407104 _____ () D:\Steam\video.dll
2014-08-31 20:09 - 2014-12-01 23:31 - 02396672 _____ () D:\Steam\libavcodec-56.dll
2014-08-31 20:09 - 2014-12-01 23:31 - 00442880 _____ () D:\Steam\libavutil-54.dll
2014-08-31 20:09 - 2014-12-01 23:31 - 00479744 _____ () D:\Steam\libavformat-56.dll
2014-08-31 20:09 - 2014-12-01 23:31 - 00332800 _____ () D:\Steam\libavresample-2.dll
2014-08-31 20:09 - 2014-12-01 23:31 - 00485888 _____ () D:\Steam\libswscale-3.dll
2013-11-27 20:48 - 2015-06-04 20:56 - 00703168 _____ () D:\Steam\bin\chromehtml.DLL
2013-11-27 20:48 - 2015-05-11 21:01 - 36302728 _____ () D:\Steam\bin\libcef.dll
2015-05-16 07:55 - 2015-05-11 21:01 - 08958344 _____ () D:\Steam\bin\pdf.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Jeffel\Desktop\1.avi:TOC.WMV
AlternateDataStreams: C:\Users\Jeffel\Desktop\2.avi:TOC.WMV
AlternateDataStreams: C:\Users\Jeffel\Desktop\3.avi:TOC.WMV
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-644356114-2566177158-2502637254-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.177.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AlcoholAutomount => "D:\Alcohol 120\axcmd.exe" /automount
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUS Camera ScreenSaver => C:\Windows\AsScrProlog.exe
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\ASScrPro.exe
MSCONFIG\startupreg: ASUSTPE => C:\Windows\system32\ASUSTPE.exe
MSCONFIG\startupreg: AVMUSBFernanschluss => "C:\Users\Beamer\AppData\Local\Apps\2.0\L54C6PTC.C5D\OZVODBER.JQ7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: CLMLServer => "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "D:\DT\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesTrayAgent => D:\Samsung Kies\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{98B426BE-4154-48E7-A940-C28AD6AB3C7E}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A0ED8D77-C475-4A7C-9683-E33EF6CA08AE}] => (Allow) svchost.exe
FirewallRules: [{5A959ABA-B81C-408F-9BF9-A382D827ED17}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [TCP Query User{92FF86AB-5408-4239-86CD-713C52CC5E72}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{756D4762-70FE-4F03-9A42-0F627F10CBF8}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{F15C73F2-09B2-4D70-B6C1-FCB8C6C3077A}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{3518798C-9464-4B02-B79D-33060DE82A80}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{F87691B0-9C93-4349-8E2B-69BF1B0D816D}C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{0756E3CD-F4D3-4373-BCB1-583FDDA22919}C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{6939840F-897B-42B5-8E48-6E97937198B0}] => (Allow) svchost.exe
FirewallRules: [{59E3FF2C-493B-4937-9A37-DA9D1CAAFC4B}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{A1DE6356-BBC4-48A8-B039-88DEB224609A}C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{E3168A96-5F5E-4485-AD0D-7AE6A2596564}C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{4AF10D0E-C4C1-40A2-936B-C6F2AB12613B}C:\program files\tmnationsforever\tmforever.exe] => (Allow) C:\program files\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{88D7FF05-F79E-4946-A853-288BD573E814}C:\program files\tmnationsforever\tmforever.exe] => (Allow) C:\program files\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{9EFEAB5F-7210-4BC7-8BA8-231FA6D585A1}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{375FCB23-571C-4F84-90FE-A0670DEAAC49}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [{55E52E7C-FD6E-4517-8357-F6D71154371A}] => (Allow) C:\Users\Jeffel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9C447FBD-4CD0-4507-918C-C3C1FC1BC0BC}] => (Allow) C:\Users\Jeffel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{424B5F96-6253-4B19-824F-7157B91CE53C}C:\users\jeffel\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\jeffel\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{A3FECD29-88C2-49EE-9826-78B12649C757}C:\users\jeffel\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\jeffel\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{5518E9F3-F3DC-433F-9E50-A930A0CD15F2}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{55697CCA-A2DB-4C9F-8442-8DC6C36139AA}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{3E55C8FD-D431-4830-8F71-22F2B69255C3}C:\program files\ea sports\fifa 09\fifa09.exe] => (Allow) C:\program files\ea sports\fifa 09\fifa09.exe
FirewallRules: [UDP Query User{6B39FD39-72B8-4683-9E30-4221DEFAD5D9}C:\program files\ea sports\fifa 09\fifa09.exe] => (Allow) C:\program files\ea sports\fifa 09\fifa09.exe
FirewallRules: [TCP Query User{EF7EF825-131B-4165-A892-9DEC02FC688F}E:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) E:\easysetupassistant\wr841n\easysetupassistant.exe
FirewallRules: [UDP Query User{25BF93E3-CEFC-4077-972C-637BBD3D8D23}E:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) E:\easysetupassistant\wr841n\easysetupassistant.exe
FirewallRules: [{BE0F663E-C815-4563-A897-646E54E5E075}] => (Block) E:\easysetupassistant\wr841n\easysetupassistant.exe
FirewallRules: [{C1AD54B1-3E4E-48CD-AA59-46A81630CED6}] => (Block) E:\easysetupassistant\wr841n\easysetupassistant.exe
FirewallRules: [TCP Query User{642462DC-FE55-4283-B3BE-5116D1ABD2D1}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{1543EF59-9BDC-45F3-98C1-666138EE2360}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{F42F3A51-5E79-42CD-97EC-8F46AFB3AEDA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3AF441F6-2448-4E93-AF29-F00F2983A81B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{3A83D0B7-CC23-4E0A-A47F-BA4C727DA59B}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{A30C3FCC-E865-487C-BB2B-94503E562E57}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{C5B4D7F3-5ACD-4113-B7F8-EF24617B930D}] => (Allow) D:\OriginGames\Need for Speed World\GameLauncher.exe
FirewallRules: [{54FB9595-0BFB-47AF-866A-250C8D7B1BAF}] => (Allow) D:\OriginGames\Need for Speed World\GameLauncher.exe
FirewallRules: [{9E1C364E-EA27-4082-AB13-FBEBC90590BA}] => (Allow) D:\OriginGames\Battlefield 1942\BF1942.exe
FirewallRules: [{2EB3B6C7-04D1-43DF-B4B0-B47348DBCD68}] => (Allow) D:\OriginGames\Battlefield 1942\BF1942.exe
FirewallRules: [{DBB13B95-B032-45C2-A416-2E496104A650}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{5456B4DC-0D08-476B-B4CB-8BA97886248B}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{B3C9C811-6617-41F7-8833-D1B66AC7C967}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{FB78B67C-4DFB-45DA-8910-73B460C08EE9}D:\needforspeed world\data\nfsw.exe] => (Allow) D:\needforspeed world\data\nfsw.exe
FirewallRules: [UDP Query User{514C9672-18B4-476C-B568-2B1D2211DC21}D:\needforspeed world\data\nfsw.exe] => (Allow) D:\needforspeed world\data\nfsw.exe
FirewallRules: [{122DB7AB-303C-4A23-8984-A4089D07A519}] => (Allow) D:\Steam\SteamApps\common\f12013\F1_2013.exe
FirewallRules: [{BA4A4B55-61BE-49C7-B106-9CF16C1FEFCA}] => (Allow) D:\Steam\SteamApps\common\f12013\F1_2013.exe
FirewallRules: [{852A6D93-68A1-49D2-A427-091873A0F8AF}] => (Allow) D:\OriginGames\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{1C423230-E993-447A-B8BC-B011BD1ABEA4}] => (Allow) D:\OriginGames\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{5476BAD2-AE20-42B2-BFC6-58B987D9EC81}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{812E2119-243A-400E-B7FE-DEB6D62808AB}] => (Allow) D:\OriginGames\SimCity\SimCity\SimCity.exe
FirewallRules: [{2C4E33E9-EDDF-4059-9790-647FCF83145D}] => (Allow) D:\OriginGames\SimCity\SimCity\SimCity.exe
FirewallRules: [TCP Query User{60D69111-FE19-4415-B387-D97AE26AFD38}C:\program files\tmnationsforever\tmforever.exe] => (Block) C:\program files\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{F2DF262E-FF7C-484F-AA4E-63FF8880305C}C:\program files\tmnationsforever\tmforever.exe] => (Block) C:\program files\tmnationsforever\tmforever.exe
FirewallRules: [{A3C3ECE5-F0B8-458B-BF51-A7F6BF8F5E0E}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{DAA3B140-1FED-47B5-9F25-FB8F35548A03}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{F14B2E24-FBC1-4546-BBB6-CCBF3E3C26CB}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{1EBAA986-ABD7-469D-8126-C6A22AB47DCF}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [TCP Query User{DF57783D-CA97-4654-B267-AC96484B730F}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{695F1F23-F5F2-4E3A-93D3-C046C30B108D}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{18759B6E-98BA-4489-983D-ABCF93CE30A2}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{C48C23E4-CF37-4289-AC60-2FF3F377ACD4}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{BAE39D93-BC07-4545-A838-D128E5D729B1}] => (Allow) C:\Users\Philipp\AppData\Local\Apps\2.0\AKHGTRNK.DG4\BWYE0CZZ.LL7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [{BDC2FD03-237D-49E4-A6A2-8AE3211FB11A}] => (Allow) C:\Users\Philipp\AppData\Local\Apps\2.0\AKHGTRNK.DG4\BWYE0CZZ.LL7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [{2A33F55E-5BBB-4A44-9852-D7FEA360081E}] => (Allow) C:\Users\Beamer\AppData\Local\Apps\2.0\L54C6PTC.C5D\OZVODBER.JQ7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [{084ED6E8-0CDB-42C1-9716-21D9E1E099C3}] => (Allow) C:\Users\Beamer\AppData\Local\Apps\2.0\L54C6PTC.C5D\OZVODBER.JQ7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [TCP Query User{5A171416-5B5C-45E6-A06C-FD51ECCBBA01}C:\users\philipp\appdata\local\apps\2.0\akhgtrnk.dg4\bwye0czz.ll7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe] => (Block) C:\users\philipp\appdata\local\apps\2.0\akhgtrnk.dg4\bwye0czz.ll7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [UDP Query User{EC3DF4E2-12D4-4BEA-9E53-8BD42E933EE3}C:\users\philipp\appdata\local\apps\2.0\akhgtrnk.dg4\bwye0czz.ll7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe] => (Block) C:\users\philipp\appdata\local\apps\2.0\akhgtrnk.dg4\bwye0czz.ll7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [{B3F421E8-5795-4576-A04B-678154A5D42C}] => (Allow) C:\Program Files\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [{56B79544-76F5-4B6F-85BD-3CA9415A0BE3}] => (Allow) C:\Program Files\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [TCP Query User{A674A672-4708-4C05-A7DD-7FC78F2ABAD6}C:\program files\unified remote\remoteserver.exe] => (Allow) C:\program files\unified remote\remoteserver.exe
FirewallRules: [UDP Query User{C42108C2-C11D-4BCD-848F-C882C383AFF1}C:\program files\unified remote\remoteserver.exe] => (Allow) C:\program files\unified remote\remoteserver.exe
FirewallRules: [{66918B97-AE64-444C-9DB6-5DB605AE12F7}] => (Allow) D:\OriginGames\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{4D93D20E-753C-494E-8FA6-F47CF535E417}] => (Allow) D:\OriginGames\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{100DFB51-03A7-409A-8436-B1ADEDE290A7}] => (Allow) C:\Program Files\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [{3D1CFBF6-1099-4721-A86E-438E12C875EA}] => (Allow) C:\Program Files\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [{708B5EAF-95EC-428E-9AA3-7F8A3CC499D7}] => (Allow) D:\OriginGames\Crusader No Remorse\data\Game\DOSBox\DOSBox.exe
FirewallRules: [{252252F8-D1E0-473A-8A33-743C157FAAAB}] => (Allow) D:\OriginGames\Crusader No Remorse\data\Game\DOSBox\DOSBox.exe
FirewallRules: [{12369EEC-4B3E-4804-8395-3B1EE1D1F377}] => (Allow) C:\Program Files\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{23965B5B-2D1F-4BC2-82F2-4E012CDB6110}] => (Allow) C:\Program Files\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{8AD425C4-E4CD-4E0A-B470-71C0186D4419}] => (Allow) D:\OriginGames\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{79468976-3ED7-4AAD-8CDF-CC32C20626C3}] => (Allow) D:\OriginGames\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{98C0D637-E762-4100-8AF8-3E756C54A265}] => (Allow) C:\Users\Beamer\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup3_6_1_2200\ENEasyApp.exe
FirewallRules: [{533B5FB5-1CB8-4776-8F97-B9D35616A215}] => (Allow) C:\Users\Beamer\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup3_6_1_2200\ENEasyApp.exe
FirewallRules: [{D67CAA53-7942-4A91-8D54-03DE16AF77AA}] => (Allow) D:\Steam\SteamApps\common\ConSim2015\ConSim2015.exe
FirewallRules: [{085EB9AF-D4B4-42D7-AA85-2FF13C776871}] => (Allow) D:\Steam\SteamApps\common\ConSim2015\ConSim2015.exe
FirewallRules: [{13EC435C-D4A0-4045-9736-20D5C2A52E0F}] => (Allow) C:\Users\Beamer\AppData\Local\Apps\2.0\L54C6PTC.C5D\OZVODBER.JQ7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [{766D54AC-FE82-4990-81C9-4B3E62FC1D8E}] => (Allow) C:\Users\Beamer\AppData\Local\Apps\2.0\L54C6PTC.C5D\OZVODBER.JQ7\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [{8147F4AA-6FEE-48F5-A257-DADCA6B3D1F7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B59D5117-8BF8-4401-A031-594855C5359E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C3A2EE98-6FD7-4841-986B-5FF483452073}] => (Allow) D:\OriginGames\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{7894DF2C-B685-420A-810A-505E1663461E}] => (Allow) D:\OriginGames\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{AB875D33-F535-45C7-83AD-4542A38F0A9A}] => (Allow) D:\OriginGames\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{C8819052-499D-4060-A2CB-63C85B7289F3}] => (Allow) D:\OriginGames\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [TCP Query User{2405E39F-611A-4841-8667-B7FAB332ED13}D:\philipp scheffler\philipps sachen\minecraft\neue installation\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) D:\philipp scheffler\philipps sachen\minecraft\neue installation\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{98A5CF53-9EE7-4592-86E6-5A255E971ED4}D:\philipp scheffler\philipps sachen\minecraft\neue installation\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) D:\philipp scheffler\philipps sachen\minecraft\neue installation\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{42389642-E7E4-4FA7-99F0-D17483626C6F}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{546675B7-4D5D-41B0-A82B-3C2AE0AED9AE}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{F4820325-C52D-4F14-B0C1-E2F40210A513}] => (Allow) C:\Users\Beamer\AppData\Local\Temp\pft3077.tmp\fsetup.exe
FirewallRules: [{F8A2199B-EA6F-43B4-BF29-FC040CE4901D}] => (Allow) C:\Users\Beamer\AppData\Local\Temp\pft3077.tmp\fsetup.exe
FirewallRules: [{0CB53765-513D-49DE-87C5-AECA2C3658C1}] => (Allow) C:\Users\Beamer\AppData\Local\Temp\pftAA65.tmp\fsetup.exe
FirewallRules: [{C88A6BB6-DBFF-4572-AA49-2F5929892EA3}] => (Allow) C:\Users\Beamer\AppData\Local\Temp\pftAA65.tmp\fsetup.exe
FirewallRules: [{13D83860-A9E7-48A7-A64E-3D805CB1B574}] => (Allow) C:\Users\Beamer\AppData\Local\Temp\pft96D1.tmp\fsetup.exe
FirewallRules: [{4DDF4814-C41E-4164-81FB-D9C60F8AD319}] => (Allow) C:\Users\Beamer\AppData\Local\Temp\pft96D1.tmp\fsetup.exe
FirewallRules: [{7870E46B-69E5-4524-B2E7-ECEB9E6D710D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/15/2015 06:34:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST.exe, Version 13.6.2015.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 26c0
Startzeit: 01d0a788caaf2ddf
Endzeit: 0
Anwendungspfad: C:\Users\Philipp\Desktop\FRST.exe
Berichts-ID: 36209be9-137c-11e5-977e-002618f9ca5d
Error: (06/15/2015 05:07:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: legoland.exe, Version: 0.2.2.9, Zeitstempel: 0x3934d3e8
Name des fehlerhaften Moduls: legoland.exe, Version: 0.2.2.9, Zeitstempel: 0x3934d3e8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0005241a
ID des fehlerhaften Prozesses: 0x23a0
Startzeit der fehlerhaften Anwendung: 0xlegoland.exe0
Pfad der fehlerhaften Anwendung: legoland.exe1
Pfad des fehlerhaften Moduls: legoland.exe2
Berichtskennung: legoland.exe3
Error: (06/15/2015 02:23:59 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)"
Error: (06/15/2015 06:27:53 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wlmail.exe, Version 14.0.8089.726 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 20bc
Startzeit: 01d0a72357fe1421
Endzeit: 20
Anwendungspfad: C:\Program Files\Windows Live\Mail\wlmail.exe
Berichts-ID: e0ef34aa-1316-11e5-977e-002618f9ca5d
Error: (06/15/2015 06:25:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wlmail.exe, Version 14.0.8089.726 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1fec
Startzeit: 01d0a72282aa9518
Endzeit: 40
Anwendungspfad: C:\Program Files\Windows Live\Mail\wlmail.exe
Berichts-ID: 8e335d02-1316-11e5-977e-002618f9ca5d
Error: (06/15/2015 02:09:41 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/14/2015 07:33:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2492256
Error: (06/14/2015 07:33:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2492256
Error: (06/14/2015 07:33:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/14/2015 06:52:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7332
System errors:
=============
Error: (06/15/2015 05:20:20 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Error: (06/15/2015 05:20:10 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Error: (06/15/2015 05:19:15 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Error: (06/15/2015 05:18:50 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Error: (06/15/2015 05:16:54 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Error: (06/15/2015 05:08:49 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Error: (06/15/2015 05:07:51 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Error: (06/15/2015 05:06:06 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Error: (06/15/2015 04:43:24 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0 Bytes Speicher konnten durch den DNS-Proxy-Agent nicht zugeordnet werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.
Error: (06/15/2015 04:37:52 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0 Bytes Speicher konnten durch den DNS-Proxy-Agent nicht zugeordnet werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner Fehler ist im Speicher-Manager aufgetreten.
Microsoft Office:
=========================
Error: (06/15/2015 06:34:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST.exe13.6.2015.026c001d0a788caaf2ddf0C:\Users\Philipp\Desktop\FRST.exe36209be9-137c-11e5-977e-002618f9ca5d
Error: (06/15/2015 05:07:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: legoland.exe0.2.2.93934d3e8legoland.exe0.2.2.93934d3e8c00000050005241a23a001d0a77cca8cafe5C:\Program Files\LEGO Media\Spiele\LEGOLAND\legoland.exeC:\Program Files\LEGO Media\Spiele\LEGOLAND\legoland.exe4955926e-1370-11e5-977e-002618f9ca5d
Error: (06/15/2015 02:23:59 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)
Error: (06/15/2015 06:27:53 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wlmail.exe14.0.8089.72620bc01d0a72357fe142120C:\Program Files\Windows Live\Mail\wlmail.exee0ef34aa-1316-11e5-977e-002618f9ca5d
Error: (06/15/2015 06:25:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wlmail.exe14.0.8089.7261fec01d0a72282aa951840C:\Program Files\Windows Live\Mail\wlmail.exe8e335d02-1316-11e5-977e-002618f9ca5d
Error: (06/15/2015 02:09:41 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\EPSON Software\Download Navigator\EPSDNLMW64.EXE
Error: (06/14/2015 07:33:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2492256
Error: (06/14/2015 07:33:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2492256
Error: (06/14/2015 07:33:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/14/2015 06:52:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7332
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz
Percentage of memory in use: 48%
Total physical RAM: 3071.27 MB
Available physical RAM: 1570.68 MB
Total Pagefile: 6140.86 MB
Available Pagefile: 3668.44 MB
Total Virtual: 3071.88 MB
Available Virtual: 2926.79 MB
==================== Drives ================================
Drive c: (VistaOS) (Fixed) (Total:149.04 GB) (Free:24.31 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:137.33 GB) (Free:68.21 GB) NTFS
==================== MBR & Partition Table ==================
==================== End of log ============================
|
|
15.06.2015, 17:51
| #4 |
| | DHL Spam Mail -> Trojaner/Virus? Nun noch ein Scan als Admin (hab beim Auswahlfenster einfach einen genommen): Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2015
Ran by Beamer (administrator) on SCHEFFLER-PC on 15-06-2015 18:45:13
Running from C:\Users\Philipp\Desktop
Loaded Profiles: Jeffel & Philipp & Beamer & Ellen & Manuel & Manuel (Available Profiles: Jeffel & Philipp & Beamer & Ellen & Manuel & Manuel)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE
(DeviceVM) C:\ASUS.SYS\DVMExportService.exe
() C:\Program Files\MyPublicWiFi\PublicWiFiService.exe
() C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
(DEVGURU Co., LTD.) D:\Samsung Kies\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files\Wireless Console 2\wcourier.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\WDC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files\ASUS\ATK Media\DMedia.exe
(AlcorMicro Co., Ltd.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
() D:\Gaming Maus\DareUMonitor.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATILEE.EXE
(Dropbox, Inc.) C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Valve Corporation) D:\Steam\Steam.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1549608 2009-08-17] (Synaptics Incorporated)
HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM\...\Run: [ATKOSD2] => C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS)
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS)
HKLM\...\Run: [AmIcoSinglun] => C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [233472 2009-07-31] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [ADSMTray] => C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [272952 2009-06-24] (ASUSTek Computer Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-11] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Dare-U mouse] => D:\Gaming Maus\DareUMonitor.exe [786432 2012-11-20] ()
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1065024 2014-05-02] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [884440 2015-05-28] (BlueStack Systems, Inc.)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\Launcher\Avira.Systray.exe [130864 2015-05-21] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-644356114-2566177158-2502637254-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-644356114-2566177158-2502637254-1000\...\Run: [DAEMON Tools Lite] => D:\DT\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-644356114-2566177158-2502637254-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-644356114-2566177158-2502637254-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILFE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-644356114-2566177158-2502637254-1000\...\Run: [Dropbox Update] => C:\Users\Jeffel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
HKU\S-1-5-21-644356114-2566177158-2502637254-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_17_0_0_188_Plugin.exe [927920 2015-05-20] (Adobe Systems Incorporated)
HKU\S-1-5-21-644356114-2566177158-2502637254-1000\...\MountPoints2: {1574b094-52d4-11e3-a17e-002618f9ca5d} - F:\Autorun.exe
HKU\S-1-5-21-644356114-2566177158-2502637254-1000\...\MountPoints2: {7ed2759d-f168-11de-961b-806e6f6e6963} - E:\NightRacer.EXE
HKU\S-1-5-21-644356114-2566177158-2502637254-1004\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-644356114-2566177158-2502637254-1004\...\Run: [DAEMON Tools Lite] => D:\DT\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-644356114-2566177158-2502637254-1004\...\Run: [Steam] => D:\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-644356114-2566177158-2502637254-1004\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [21969480 2015-05-19] (Google)
HKU\S-1-5-21-644356114-2566177158-2502637254-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-644356114-2566177158-2502637254-1004\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILEE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-644356114-2566177158-2502637254-1005\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-644356114-2566177158-2502637254-1005\...\Run: [EADM] => C:\Program Files\Origin\Origin.exe [3632472 2015-06-08] (Electronic Arts)
HKU\S-1-5-21-644356114-2566177158-2502637254-1005\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-644356114-2566177158-2502637254-1005\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILFE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-644356114-2566177158-2502637254-1005\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILEE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-644356114-2566177158-2502637254-1005\...\RunOnce: [iCloud] => C:\Program Files\Common Files\Apple\Internet Services\iCloud.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-644356114-2566177158-2502637254-1005\...\MountPoints2: {1574b094-52d4-11e3-a17e-002618f9ca5d} - F:\Autorun.exe
HKU\S-1-5-21-644356114-2566177158-2502637254-1008\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILEE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-644356114-2566177158-2502637254-1008\...\MountPoints2: {1574b094-52d4-11e3-a17e-002618f9ca5d} - F:\Autorun.exe
HKU\S-1-5-21-644356114-2566177158-2502637254-1008\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-644356114-2566177158-2502637254-1011\...\MountPoints2: {1574b094-52d4-11e3-a17e-002618f9ca5d} - F:\Autorun.exe
HKU\S-1-5-21-644356114-2566177158-2502637254-1011\...\MountPoints2: {7ed2759d-f168-11de-961b-806e6f6e6963} - E:\NightRacer.EXE
Lsa: [Notification Packages] scecli C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT
Startup: C:\Users\Jeffel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\Jeffel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2011-03-30]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-12-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Beamer\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2011-03-31]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll [2007-06-15] ()
ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll [2007-06-01] ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Beamer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Beamer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Beamer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll No File
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-05-19] (Google)
GroupPolicyUsers\S-1-5-21-644356114-2566177158-2502637254-1011\User: Group Policy Restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-644356114-2566177158-2502637254-1004\User: Group Policy Restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-644356114-2566177158-2502637254-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKU\S-1-5-21-644356114-2566177158-2502637254-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.de/
HKU\S-1-5-21-644356114-2566177158-2502637254-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-644356114-2566177158-2502637254-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/
HKU\S-1-5-21-644356114-2566177158-2502637254-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/
HKU\S-1-5-21-644356114-2566177158-2502637254-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
HKU\S-1-5-21-644356114-2566177158-2502637254-1004\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.google.de/
HKU\S-1-5-21-644356114-2566177158-2502637254-1005\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-644356114-2566177158-2502637254-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
HKU\S-1-5-21-644356114-2566177158-2502637254-1008\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
URLSearchHook: HKU\S-1-5-21-644356114-2566177158-2502637254-1000 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
URLSearchHook: HKU\S-1-5-21-644356114-2566177158-2502637254-1004 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
URLSearchHook: HKU\S-1-5-21-644356114-2566177158-2502637254-1005 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS_de
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119649&babsrc=SP_ss&mntrId=9a1a16840000000000002225d303ecbc
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS_de
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1000 -> {7B55E28C-0351-41CC-AC14-22094D95924D} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=71BBFB7C-F00D-4E16-9DA1-51512365ABFE&apn_sauid=A57E7053-3C73-4602-928F-51C6D1D21E5C
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1000 -> {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} URL = hxxp://eu.ask.com/web?l=dis&o=APN10147&gct=sb&qsrc=2869&apn_dtid=^YYYYYY^YY^DE&apn_ptnrs=^A6E&apn_uid=1404014489394795&p2=^A6E^YYYYYY^YY^DE&q={searchTerms}
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1004 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1004 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1004 -> {76193214-59DA-47ED-BB15-3BCACFC2C36A} URL = hxxp://eu.ask.com/web?l=dis&o=APN10147&gct=sb&qsrc=2869&apn_dtid=^YYYYYY^YY^DE&apn_ptnrs=^A6E&apn_uid=1404014489394795&p2=^A6E^YYYYYY^YY^DE&q={searchTerms}
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1004 -> {7B55E28C-0351-41CC-AC14-22094D95924D} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=71BBFB7C-F00D-4E16-9DA1-51512365ABFE&apn_sauid=A57E7053-3C73-4602-928F-51C6D1D21E5C
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1004 -> {B1316728-20A2-4B2A-9CD7-B52C1B2CB91A} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=71BBFB7C-F00D-4E16-9DA1-51512365ABFE&apn_sauid=A57E7053-3C73-4602-928F-51C6D1D21E5C
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1004 -> {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} URL = hxxp://eu.ask.com/web?l=dis&o=APN10147&gct=sb&qsrc=2869&apn_dtid=^YYYYYY^YY^DE&apn_ptnrs=^A6E&apn_uid=1404014489394795&p2=^A6E^YYYYYY^YY^DE&q={searchTerms}
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1005 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1005 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1005 -> {7B55E28C-0351-41CC-AC14-22094D95924D} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=71BBFB7C-F00D-4E16-9DA1-51512365ABFE&apn_sauid=A57E7053-3C73-4602-928F-51C6D1D21E5C
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1005 -> {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} URL = hxxp://eu.ask.com/web?l=dis&o=APN10147&gct=sb&qsrc=2869&apn_dtid=^YYYYYY^YY^DE&apn_ptnrs=^A6E&apn_uid=1404014489394795&p2=^A6E^YYYYYY^YY^DE&q={searchTerms}
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1008 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1008 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-644356114-2566177158-2502637254-1011 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
Toolbar: HKU\S-1-5-21-644356114-2566177158-2502637254-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-644356114-2566177158-2502637254-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-644356114-2566177158-2502637254-1004 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-644356114-2566177158-2502637254-1004 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-644356114-2566177158-2502637254-1004 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-644356114-2566177158-2502637254-1005 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.177.1
FireFox:
========
FF ProfilePath: C:\Users\Beamer\AppData\Roaming\Mozilla\Firefox\Profiles\5tcpn7ab.default
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Ask.com
FF Keyword.URL: hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=71BBFB7C-F00D-4E16-9DA1-51512365ABFE&apn_ptnrs=%5EAGS&apn_sauid=A57E7053-3C73-4602-928F-51C6D1D21E5C&apn_dtid=%5EYYYYYY%5EYY%5EDE&&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-20] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-09-07] (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-644356114-2566177158-2502637254-1004: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Philipp\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-10-03] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-644356114-2566177158-2502637254-1008: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ellen & Manuel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-02-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-02-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-02-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-02-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-02-16] (Apple Inc.)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-06-02]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-12-13]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-06-02]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ADSMService; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [File not signed]
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [450808 2015-06-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-11] (Avira Operations GmbH & Co. KG)
R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-15] (ASUS)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [208632 2015-05-21] (Avira Operations GmbH & Co. KG)
S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [433880 2015-05-28] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [413400 2015-05-28] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [806616 2015-05-28] (BlueStack Systems, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [126128 2012-05-17] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE [143424 2013-04-26] (SEIKO EPSON CORPORATION)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
R2 MDES; C:\ASUS.SYS\DVMExportService.exe [307200 2008-10-21] (DeviceVM) [File not signed]
R2 MyPublicWiFiService; C:\Program Files\MyPublicWiFi\PublicWiFiService.exe [756224 2013-04-03] () [File not signed]
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1997168 2015-06-08] (Electronic Arts)
R2 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
R2 ss_conn_service; D:\Samsung Kies\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; winhttp.dll [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [25600 2009-07-24] (Alcor Micro, Corp.)
R0 AsDsm; C:\Windows\system32\Drivers\AsDsm.sys [30264 2009-12-25] (ASUSTek Computer Inc)
R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108448 2015-06-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136728 2015-06-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-20] (Avira Operations GmbH & Co. KG)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [105728 2014-09-29] (AVM Berlin)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [105728 2014-09-29] (AVM Berlin)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [37896 2015-03-11] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [131288 2015-05-28] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-11-21] (Disc Soft Ltd)
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [20936 2007-08-03] ()
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15416 2009-06-18] (Windows (R) Win 7 DDK provider)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [14392 2009-05-13] (ASUS)
R1 ndiskhaz; C:\Windows\System32\DRIVERS\ndiskhaz.sys [25416 2012-12-07] (Khalil Azzouzi)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1766592 2009-06-05] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2013-11-21] (Duplex Secure Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-06-11] (Avira Operations GmbH & Co. KG)
R3 stdriver; C:\Windows\System32\DRIVERS\stdriver32.sys [52312 2012-06-21] (NCH Software)
U3 asify6mi; C:\Windows\system32\Drivers\asify6mi.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
U3 aydu7eur; C:\Windows\system32\Drivers\aydu7eur.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 ipswuio; System32\DRIVERS\ipswuio.sys [X]
S3 RTHDMIAzAudService; system32\drivers\RtHDMIV.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-15 18:45 - 2015-06-15 18:46 - 00033138 _____ C:\Users\Philipp\Desktop\FRST.txt
2015-06-15 18:32 - 2015-06-15 18:45 - 00000000 ____D C:\FRST
2015-06-15 18:13 - 2015-06-15 18:13 - 01148416 _____ (Farbar) C:\Users\Philipp\Desktop\FRST.exe
2015-06-14 18:33 - 2015-06-14 18:33 - 00002991 _____ C:\Users\Philipp\AppData\Local\recently-used.xbel
2015-06-14 16:21 - 2015-06-14 16:21 - 00000012 ____H C:\dvmexp.idx
2015-06-14 08:12 - 2015-06-14 08:12 - 00000000 ___HD C:\dvmexp
2015-06-13 14:19 - 2015-06-13 14:19 - 00000000 ____D C:\Users\Jeffel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-13 14:18 - 2015-06-15 18:23 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1000UA.job
2015-06-13 14:18 - 2015-06-15 14:23 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-644356114-2566177158-2502637254-1000Core.job
2015-06-13 14:18 - 2015-06-13 14:18 - 00000000 ____D C:\Users\Jeffel\AppData\Local\Dropbox
2015-06-13 14:18 - 2015-06-13 14:18 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-11 20:32 - 2015-06-11 20:32 - 00131180 _____ C:\Users\Manuel\Downloads\Motorrad Profi 4 - kostenlos online spielen.htm
2015-06-11 18:41 - 2015-06-11 18:41 - 00001085 _____ C:\Users\Public\Desktop\Avira.lnk
2015-06-10 10:09 - 2015-06-02 21:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 10:09 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 10:09 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 10:09 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 10:09 - 2015-05-23 05:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 10:09 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 10:09 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 10:09 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 10:09 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 10:09 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 10:09 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 10:09 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 10:09 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 10:09 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 10:09 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 10:09 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 10:09 - 2015-05-23 05:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 10:09 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 10:09 - 2015-05-23 05:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 10:09 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 10:09 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 10:09 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 10:09 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 10:09 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 10:09 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 10:09 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 10:09 - 2015-05-23 04:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 10:09 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 10:09 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 10:09 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 10:09 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 10:09 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 10:09 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 10:09 - 2015-05-22 20:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 10:09 - 2015-05-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 10:09 - 2015-05-22 20:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 10:09 - 2015-05-22 20:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 10:09 - 2015-05-22 20:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 10:09 - 2015-05-22 20:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 10:09 - 2015-05-22 19:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 10:09 - 2015-05-21 15:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 10:08 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-06-10 10:08 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 10:08 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 10:08 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 10:08 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 10:08 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 10:08 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 10:08 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 10:08 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 10:08 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 10:08 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 10:08 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 10:08 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 10:08 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 10:08 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 10:08 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 10:08 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 10:08 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 10:08 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 10:08 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 10:08 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 10:08 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 10:08 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 10:08 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 10:08 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 10:08 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 10:08 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 10:08 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 10:08 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 10:08 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 10:08 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 10:08 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-09 17:20 - 2015-06-09 17:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-06-09 17:20 - 2015-06-09 17:21 - 00000000 ____D C:\Program Files\BlueStacks
2015-06-09 17:20 - 2015-06-09 17:20 - 00000000 ____D C:\ProgramData\BlueStacks
2015-06-09 17:18 - 2015-06-09 17:18 - 15738056 _____ C:\Users\Philipp\Downloads\CloudMusic_official_2.7.1.apk
2015-06-09 17:18 - 2015-06-09 17:18 - 14155832 _____ (BlueStack Systems Inc.) C:\Users\Philipp\Downloads\BlueStacks-ThinInstaller.exe
2015-06-09 15:44 - 2015-05-09 05:14 - 02937344 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-09 15:44 - 2015-05-09 05:14 - 02045952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-09 15:44 - 2015-05-09 05:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-09 15:44 - 2015-05-09 05:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-09 15:44 - 2015-05-09 05:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-09 15:44 - 2015-05-09 05:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-09 15:44 - 2015-05-09 05:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-09 15:44 - 2015-05-09 05:13 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-09 15:44 - 2015-05-09 05:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-09 15:44 - 2015-05-09 05:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-09 15:44 - 2015-05-09 05:13 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-06-06 18:11 - 2015-06-06 18:11 - 00000000 ____D C:\Users\Beamer\AppData\Local\GWX
2015-06-06 11:34 - 2015-06-07 21:06 - 00000000 ____D C:\Users\Philipp\Documents\Joerg Riesa
2015-06-04 20:15 - 2015-06-04 20:16 - 00103104 _____ C:\Users\Manuel\Downloads\Crazy Skater - kostenlos online spielen.htm
2015-06-04 19:22 - 2015-06-04 19:22 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-06-03 18:24 - 2015-06-03 18:24 - 00000000 ____D C:\Users\Manuel\AppData\Local\GWX
2015-06-03 16:37 - 2015-06-03 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-06-02 15:47 - 2015-06-04 18:42 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-06-01 20:38 - 2015-06-01 20:38 - 00000000 ____D C:\Users\Jeffel\AppData\Local\GWX
2015-06-01 19:02 - 2015-06-01 19:02 - 00000000 ____D C:\Users\Ellen & Manuel\AppData\Local\GWX
2015-06-01 18:03 - 2015-06-01 18:03 - 00000000 ____D C:\Users\Philipp\AppData\Local\GWX
2015-05-31 15:23 - 2015-05-31 15:43 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Dual Monitor
2015-05-31 15:23 - 2015-05-31 15:23 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dual Monitor
2015-05-20 19:51 - 2015-05-20 19:51 - 00177664 _____ C:\Users\Philipp\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-20 17:18 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-05-20 17:18 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-20 17:18 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-05-17 19:56 - 2015-06-15 17:56 - 00000917 _____ C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {00F3F166-48F4-41CC-97B5-0BCDE58D612F}.job
2015-05-17 19:56 - 2015-06-15 17:56 - 00000731 _____ C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {00F3F166-48F4-41CC-97B5-0BCDE58D612F}.job
2015-05-16 20:06 - 2015-05-16 20:06 - 00275744 _____ C:\Windows\Minidump\051615-38750-01.dmp
2015-05-16 09:04 - 2015-05-16 09:04 - 00172295 _____ C:\Users\Philipp\Documents\Konfiguration FritzBox.xps
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-15 18:19 - 2012-04-04 22:24 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-15 18:10 - 2014-12-31 17:10 - 00000917 _____ C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {5ED40A39-9E20-4A57-9853-44602CD12F7A}.job
2015-06-15 18:10 - 2014-12-31 17:10 - 00000731 _____ C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {5ED40A39-9E20-4A57-9853-44602CD12F7A}.job
2015-06-15 18:10 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-06-15 18:04 - 2010-01-31 18:04 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-15 17:04 - 2013-11-21 19:48 - 00000000 ____D C:\Users\Beamer\AppData\Roaming\DAEMON Tools Lite
2015-06-15 16:40 - 2009-12-25 17:20 - 00019456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-15 16:40 - 2009-12-25 17:20 - 00019456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-15 16:39 - 2012-12-17 20:34 - 00000000 ___RD C:\Users\Philipp\Documents\Dropbox
2015-06-15 16:38 - 2014-07-12 11:12 - 00000000 ___RD C:\Users\Philipp\Google Drive
2015-06-15 16:38 - 2010-12-01 14:28 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Dropbox
2015-06-15 16:35 - 2010-01-31 18:04 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-15 08:20 - 2009-12-25 18:22 - 01411283 _____ C:\Windows\WindowsUpdate.log
2015-06-15 06:48 - 2010-09-11 19:48 - 00000000 ____D C:\Users\Jeffel\AppData\Roaming\Skype
2015-06-15 06:45 - 2014-07-30 10:13 - 00000000 __SHD C:\Users\Jeffel\AppData\Local\EmieUserList
2015-06-15 06:45 - 2014-07-30 10:13 - 00000000 __SHD C:\Users\Jeffel\AppData\Local\EmieSiteList
2015-06-15 06:11 - 2009-08-20 05:40 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-14 20:33 - 2012-12-30 21:21 - 00000000 ___RD C:\Users\Jeffel\Dropbox
2015-06-14 20:33 - 2012-12-30 21:17 - 00000000 ____D C:\Users\Jeffel\AppData\Roaming\Dropbox
2015-06-14 19:33 - 2010-10-18 18:21 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Skype
2015-06-14 18:34 - 2014-11-23 16:42 - 00000000 ____D C:\Users\Philipp\.gimp-2.8
2015-06-14 17:18 - 2013-03-30 18:22 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\.minecraft
2015-06-14 16:36 - 2014-11-23 16:44 - 00000000 ____D C:\Users\Philipp\AppData\Local\gtk-2.0
2015-06-14 16:21 - 2009-08-19 05:27 - 00000000 ___HD C:\temp
2015-06-14 08:15 - 2013-02-10 11:44 - 00000438 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-06-14 08:12 - 2015-04-02 11:31 - 00244957 _____ C:\Windows\setupact.log
2015-06-14 08:12 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-13 13:07 - 2014-07-12 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-06-11 18:47 - 2015-04-04 08:21 - 00002266 _____ C:\Windows\PFRO.log
2015-06-11 18:47 - 2011-10-20 18:09 - 00000000 ____D C:\ProgramData\Avira
2015-06-11 18:41 - 2014-08-25 20:44 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-11 18:40 - 2015-03-05 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-11 18:40 - 2012-11-02 20:39 - 00000000 ____D C:\Program Files\Avira
2015-06-11 12:09 - 2012-11-02 20:40 - 00136728 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-06-11 12:09 - 2012-11-02 20:40 - 00108448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-06-11 12:09 - 2012-11-02 20:40 - 00031848 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\ssmdrv.sys
2015-06-11 09:32 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-06-11 08:13 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-06-10 17:55 - 2014-05-29 20:43 - 00000000 ____D C:\Users\Philipp\.android
2015-06-10 17:19 - 2012-04-04 22:24 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-10 17:19 - 2011-06-10 19:15 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-10 15:43 - 2015-04-02 11:30 - 00572992 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 15:05 - 2014-12-10 22:23 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-10 15:05 - 2014-04-26 10:01 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-10 15:04 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-06-10 10:31 - 2009-08-19 04:00 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-10 10:25 - 2013-07-28 23:00 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 10:14 - 2009-12-29 22:28 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-09 17:21 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Public\Libraries
2015-06-08 18:27 - 2013-06-17 09:00 - 00000000 ____D C:\ProgramData\Origin
2015-06-08 18:20 - 2013-06-17 11:51 - 00000000 ____D C:\Users\Beamer\AppData\Roaming\Origin
2015-06-08 18:14 - 2013-06-17 09:00 - 00000000 ____D C:\Program Files\Origin
2015-06-08 17:04 - 2013-11-27 20:45 - 00000000 ____D C:\Program Files\Common Files\Steam
2015-06-07 08:24 - 2009-12-25 20:08 - 00000354 _____ C:\Windows\Tasks\Driver Robot.job
2015-06-06 10:46 - 2012-05-17 13:18 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Notepad++
2015-06-04 19:21 - 2009-08-19 04:20 - 00000000 ____D C:\Program Files\Google
2015-06-04 18:42 - 2012-05-11 15:08 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-06-03 16:42 - 2014-04-28 18:03 - 00000000 ____D C:\Program Files\CCleaner
2015-05-31 15:54 - 2012-12-22 15:49 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Audacity
2015-05-30 22:11 - 2009-11-24 20:19 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2015-05-30 12:55 - 2010-03-06 18:42 - 00000000 ____D C:\Users\Jeffel\Documents\Kigo
2015-05-27 18:16 - 2010-01-25 18:43 - 00000000 ____D C:\Users\Jeffel\Documents\Telefon
2015-05-26 11:56 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-21 21:22 - 2011-08-28 09:47 - 00000000 ____D C:\Users\Beamer
2015-05-20 20:24 - 2012-11-02 20:40 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-05-20 17:19 - 2015-04-04 20:15 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-20 17:07 - 2010-10-21 17:44 - 00000000 ____D C:\Users\Philipp\AppData\Local\Adobe
2015-05-20 17:06 - 2011-08-28 10:41 - 00000000 ____D C:\Users\Beamer\AppData\Local\Adobe
2015-05-16 20:06 - 2012-07-28 22:41 - 00000000 ____D C:\Windows\Minidump
2015-05-16 19:42 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2015-05-16 08:11 - 2010-12-01 14:28 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
==================== Files in the root of some directories =======
2007-06-12 10:34 - 2007-06-12 10:34 - 0035822 _____ () C:\Program Files\Common Files\ASPG_icon.ico
2008-05-22 09:35 - 2008-05-22 09:35 - 0051962 _____ () C:\Program Files\Common Files\banner.jpg
2009-04-08 11:31 - 2009-04-08 11:31 - 0106496 _____ () C:\Program Files\Common Files\CPInstallAction.dll
2008-08-11 22:45 - 2008-08-11 22:45 - 0155648 _____ (ASUS) C:\Program Files\Common Files\MSIactionall.dll
2015-01-04 12:55 - 2015-01-04 12:55 - 0000459 _____ () C:\Users\Beamer\AppData\Roaming\Drives Meter_Settings.ini
2012-04-23 18:17 - 2013-05-02 17:27 - 0007598 _____ () C:\Users\Beamer\AppData\Local\Resmon.ResmonCfg
2010-09-11 19:55 - 2010-09-11 19:55 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
Files to move or delete:
====================
C:\Users\Jeffel\i2errDeu.dll
Some files in TEMP:
====================
C:\Users\Beamer\AppData\Local\Temp\atcMedia1291428144436.exe
C:\Users\Beamer\AppData\Local\Temp\avgnt.exe
C:\Users\Ellen & Manuel\AppData\Local\Temp\avgnt.exe
C:\Users\Jeffel\AppData\Local\Temp\AskSLib.dll
C:\Users\Jeffel\AppData\Local\Temp\AutoRun.exe
C:\Users\Jeffel\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Jeffel\AppData\Local\Temp\avgnt.exe
C:\Users\Jeffel\AppData\Local\Temp\Delay.exe
C:\Users\Jeffel\AppData\Local\Temp\DirectoryRemovalUtility.exe
C:\Users\Jeffel\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Jeffel\AppData\Local\Temp\drm_dyndata_7370012.dll
C:\Users\Jeffel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpw138tc.dll
C:\Users\Jeffel\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Jeffel\AppData\Local\Temp\FlashPlayerUpdate01.exe
C:\Users\Jeffel\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\Jeffel\AppData\Local\Temp\i4jdel0.exe
C:\Users\Jeffel\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Users\Jeffel\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\Jeffel\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\Jeffel\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\Jeffel\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Jeffel\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Jeffel\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Jeffel\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Jeffel\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Jeffel\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Jeffel\AppData\Local\Temp\mpsetup.exe
C:\Users\Jeffel\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Jeffel\AppData\Local\Temp\ose00000.exe
C:\Users\Jeffel\AppData\Local\Temp\PicasaUpdater_7e04.exe
C:\Users\Jeffel\AppData\Local\Temp\RemoveGO.exe
C:\Users\Jeffel\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Jeffel\AppData\Local\Temp\sdapskill.exe
C:\Users\Jeffel\AppData\Local\Temp\setup.exe
C:\Users\Jeffel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jeffel\AppData\Local\Temp\uninst1.exe
C:\Users\Jeffel\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Jeffel\AppData\Local\Temp\_is9E90.exe
C:\Users\Jeffel\AppData\Local\Temp\_isBF68.exe
C:\Users\Manuel\AppData\Local\Temp\avgnt.exe
C:\Users\Philipp\AppData\Local\Temp\avgnt.exe
C:\Users\Philipp\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvefjun.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-04 23:19
==================== End of log ============================
|
Revo Uninstaller (alternativ 
dann auf 
und dann auf 
. 
), jedoch war das Programm nach der teilweisen Deinstallation nicht mehr zu finden.
WARNUNG an die MITLESER: 
. Bemerkt habe ich bis jetzt, dass ich Avira nicht mehr starten kann. Avira Antivirus läuft zwar, und zeigt auch den Echtzeit Scanner als "an" an, jedoch erscheint das Avira Symbol nicht mehr in der Taskleiste. Auch nachdem ich den Computer nochmals neu gestartet habe.
Linear-Darstellung
