Ich habe gestern bemerkt, dass meine Dokumente verschlüsselt sind und sich nicht mehr öffnen lassen. Ich habe zweimal versucht, das Problem mittels "Systemwiederherstellung" zu lösen - ohne Erfolg.
Code:
Alles auswählen Aufklappen ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
durchgeführt von adrian (Administrator) auf ADRIAN-PC (04-01-2016 20:53:42)
Gestartet von C:\Users\adrian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3KDMPUNH
Geladene Profile: adrian (Verfügbare Profile: adrian)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
() C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
() C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Dropbox, Inc.) C:\Users\adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
() C:\Program Files (x86)\PHotkey\PVDesktop.exe
() C:\Program Files (x86)\PHotkey\PVDAgent.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtblfs.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2028328 2010-01-22] (Synaptics Incorporated)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation)
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2010-09-02] (Eastman Kodak Company)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-03] (CyberLink)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [365336 2010-11-02] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348664 2012-08-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Philips Device Listener] => C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [380416 2012-02-08] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [52168 2008-06-29] (Elaborate Bytes AG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
HKU\S-1-5-21-149357456-71073121-30113663-1000\...\Run: [Userinit] => C:\Users\adrian\AppData\Roaming\appconf32.exe
HKU\S-1-5-21-149357456-71073121-30113663-1000\...\Run: [Dropbox Update] => C:\Users\adrian\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-149357456-71073121-30113663-1000\...\MountPoints2: {ea859780-5977-11e2-a7f5-38607785eae8} - F:\PMCsetup.exe
HKU\S-1-5-21-149357456-71073121-30113663-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\MAHJON~1.SCR
AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\kloehk.dll [17592 2010-10-05] (Kaspersky Lab ZAO)
AppInit_DLLs: ,C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\sbhook64.dll [29368 2010-10-05] (Kaspersky Lab ZAO)
AppInit_DLLs-x32: C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\sbhook.dll [25272 2010-10-05] (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\adrian\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\adrian\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\adrian\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\Users\adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_YOUR_FILES.HTML [2016-01-04] ()
Startup: C:\Users\adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_YOUR_FILES.PNG [2016-01-04] ()
Startup: C:\Users\adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_YOUR_FILES.TXT [2016-01-04] ()
Startup: C:\Users\adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2012-01-02]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{24EDF7B5-C55C-42C3-9C1D-7EBC3F47DF08}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4CCD9051-4C8F-4EFE-A913-AB010AA58E35}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-149357456-71073121-30113663-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-149357456-71073121-30113663-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-149357456-71073121-30113663-1000 -> {6875B167-CFEE-4B68-BA20-D3399B90771E} URL = hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch
BHO: IEVkbdBHO Class -> {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll [2010-10-05] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-29] (Sun Microsystems, Inc.)
BHO: FilterBHO Class -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll [2010-10-05] (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: IEVkbdBHO Class -> {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll [2010-10-05] (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-08-29] (Sun Microsystems, Inc.)
BHO-x32: FilterBHO Class -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll [2010-10-05] (Kaspersky Lab ZAO)
Toolbar: HKU\S-1-5-21-149357456-71073121-30113663-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\adrian\AppData\Roaming\Mozilla\Firefox\Profiles\z2htlun6.default
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-08-29] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2011-08-29] ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-08-29] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru [2011-12-15] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru [2011-12-15] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru [2011-12-15] [ist nicht signiert]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\adrian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-02]
CHR Extension: (Google Drive) - C:\Users\adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (Google Docs Offline) - C:\Users\adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-27]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-05-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-09] (Avira Operations GmbH & Co. KG)
R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-18] ()
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [365336 2010-11-02] (Kaspersky Lab ZAO)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [159752 2010-10-07] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-12-14] () [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-05-09] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-05-09] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2011-09-16] (Avira GmbH)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2011-07-15] (GEAR Software Inc.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2010-06-09] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2010-06-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [556120 2011-12-15] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [27736 2010-04-22] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-01-04 20:53 - 2016-01-04 20:53 - 00000000 ____D C:\FRST
2016-01-04 20:50 - 2016-01-04 20:50 - 00000000 _____ C:\Users\adrian\Downloads\ProductivityBoss.6edabb2d50364234a1a20881b7dc2e88.exe.tfrp5i1.partial
2016-01-04 00:46 - 2016-01-04 00:46 - 00029016 _____ C:\Users\adrian\Desktop\HELP_YOUR_FILES.HTML
2016-01-04 00:46 - 2016-01-04 00:46 - 00019784 _____ C:\Users\adrian\Desktop\HELP_YOUR_FILES.TXT
2016-01-03 01:50 - 2016-01-03 01:50 - 04873024 _____ C:\Users\adrian\Downloads\c2lf59w26v.u1it5
2016-01-03 01:50 - 2016-01-03 01:50 - 01874520 _____ C:\Users\adrian\Downloads\lu77r.kf6
2016-01-03 01:50 - 2016-01-03 01:50 - 01197924 _____ C:\Users\adrian\Downloads\e06go0mv58.r374
2016-01-03 01:50 - 2016-01-03 01:50 - 00933360 _____ C:\Users\adrian\Downloads\g813p8z00.2u
2016-01-03 01:50 - 2016-01-03 01:50 - 00428300 _____ C:\Users\adrian\Downloads\clmq30.r79o
2016-01-03 01:50 - 2016-01-03 01:50 - 00305244 _____ C:\Users\adrian\Downloads\99yfb5os.6m
2016-01-03 01:50 - 2016-01-03 01:50 - 00016748 _____ C:\Users\adrian\Downloads\8crd2.oq0n
2016-01-03 01:50 - 2016-01-03 01:50 - 00015532 _____ C:\Users\adrian\Downloads\25em7.6y5
2016-01-03 01:50 - 2016-01-03 01:50 - 00000492 _____ C:\Users\adrian\Documents\b2qoar.6k6
2016-01-03 01:49 - 2016-01-03 01:49 - 00014636 _____ C:\Users\adrian\Documents\mh5b73.25
2016-01-03 01:47 - 2016-01-03 01:47 - 00014844 _____ C:\Users\adrian\Documents\3002l53.y41
2016-01-03 01:45 - 2016-01-03 01:45 - 00008764 _____ C:\Users\adrian\Desktop\l8ned672.9c
2016-01-03 01:40 - 2016-01-03 01:40 - 00000380 _____ C:\Users\adrian\AppData\Roaming\jepho4.lgt1
2016-01-03 01:38 - 2016-01-03 01:39 - 252102540 _____ C:\Users\adrian\uen9esf.gr1
2016-01-03 01:36 - 2016-01-03 01:36 - 00001324 _____ C:\ProgramData\idp57n03y.3ia
2015-12-14 14:49 - 2015-12-14 14:49 - 00000017 _____ C:\Windows\SysWOW64\shortcut_ex.dat
2015-12-13 10:57 - 2016-01-03 04:34 - 00000000 ____D C:\Users\adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-08 21:02 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-08 21:02 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-08 21:02 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-08 21:02 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-08 21:02 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-08 21:02 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-08 21:02 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-08 21:02 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-08 21:02 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-08 21:02 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-08 21:02 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-08 21:02 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-08 21:02 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-08 21:02 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-08 21:02 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-08 21:02 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-08 21:02 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-08 21:02 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-08 21:02 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-08 21:02 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-08 21:02 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-08 21:02 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-08 21:02 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-08 21:02 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-08 21:02 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-08 21:02 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-08 21:02 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-08 21:02 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-08 21:02 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-08 21:02 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-08 21:02 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-08 21:02 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-08 21:02 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-08 21:02 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-08 21:02 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-08 21:02 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-08 21:02 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-08 21:02 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-08 21:02 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-08 21:02 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-08 21:02 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-08 21:02 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-08 21:02 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-08 21:02 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-08 21:02 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-08 21:02 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-08 21:02 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-08 21:02 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-08 21:02 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-08 21:02 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-08 21:02 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-08 21:02 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-08 21:02 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-08 21:02 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-08 21:02 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-08 21:02 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-08 21:02 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-08 21:02 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-08 21:02 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-08 21:02 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-08 21:02 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-08 21:02 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-08 21:02 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-08 21:02 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-08 21:02 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-08 21:02 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-08 21:02 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-08 21:02 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-08 21:02 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-08 21:02 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-08 21:02 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-08 21:02 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-08 21:02 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-08 21:02 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-08 21:02 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-08 21:02 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-08 21:02 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-08 21:02 - 2015-10-08 20:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-08 21:02 - 2015-10-08 19:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-08 21:01 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-08 21:01 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-08 21:01 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-08 21:01 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-08 21:01 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-08 21:01 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-08 21:01 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-08 21:01 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-08 21:01 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-08 21:01 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-08 21:01 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-08 21:01 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-08 21:01 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-08 21:01 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-08 21:01 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-08 21:01 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-08 21:01 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-08 21:01 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-08 21:01 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-08 21:01 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-08 21:01 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-08 21:01 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-08 21:01 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-08 21:01 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-08 21:01 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-08 21:01 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-08 21:01 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-08 21:01 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-08 21:01 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-08 21:01 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-01-04 20:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-04 20:39 - 2009-07-14 05:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-04 20:39 - 2009-07-14 05:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-04 20:33 - 2015-06-18 12:03 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-149357456-71073121-30113663-1000UA.job
2016-01-04 20:28 - 2014-03-07 11:03 - 00000000 ___RD C:\Users\adrian\Dropbox
2016-01-04 20:28 - 2014-03-07 11:01 - 00000000 ____D C:\Users\adrian\AppData\Roaming\Dropbox
2016-01-04 20:27 - 2011-12-15 09:42 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-01-04 20:24 - 2014-07-13 19:53 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-04 20:24 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-04 01:02 - 2014-07-13 19:53 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-04 00:46 - 2012-04-26 06:08 - 00000000 ____D C:\Users\adrian\NTI DVD-ROM
2016-01-04 00:46 - 2011-12-15 09:45 - 00000000 ____D C:\Users\adrian
2016-01-04 00:43 - 2013-03-16 22:06 - 00000000 ___RD C:\Users\adrian\Music.dti
2016-01-04 00:07 - 2012-08-31 20:06 - 00000000 ____D C:\Users\adrian\Hörbücher
2016-01-03 04:34 - 2014-07-13 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-03 04:34 - 2013-03-15 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-03 04:34 - 2013-03-15 23:47 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-03 04:34 - 2013-03-15 23:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-03 04:34 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-01-03 04:33 - 2015-04-05 19:46 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-01-03 04:33 - 2015-04-05 19:46 - 00000000 ___SD C:\Windows\system32\GWX
2016-01-03 04:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-01-03 04:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-01-03 03:48 - 2012-01-03 23:21 - 00000000 ____D C:\Users\adrian\filme
2016-01-03 03:42 - 2013-03-16 20:57 - 00000000 ____D C:\Users\adrian\ext.festplatte.dti
2016-01-03 01:50 - 2015-01-04 17:00 - 00000000 ____D C:\Users\adrian\Documents\Lieder
2016-01-03 01:50 - 2014-11-27 20:24 - 00000000 ____D C:\Users\adrian\Documents\sonstiges
2016-01-03 01:50 - 2014-09-10 08:29 - 00000000 ____D C:\Users\adrian\Documents\Training
2016-01-03 01:50 - 2014-08-24 23:12 - 00000000 ____D C:\Users\adrian\Downloads\metroplus
2016-01-03 01:50 - 2012-09-05 10:27 - 00000000 ____D C:\Users\adrian\Documents\Klettern
2016-01-03 01:49 - 2014-12-17 22:24 - 00000000 ____D C:\Users\adrian\Documents\DWS
2016-01-03 01:49 - 2014-11-20 14:19 - 00000000 ____D C:\Users\adrian\Documents\Kinder Kirche
2016-01-03 01:49 - 2014-10-28 11:09 - 00000000 ____D C:\Users\adrian\Documents\Bouldern
2016-01-03 01:49 - 2011-12-16 21:24 - 00000000 ____D C:\Users\adrian\Documents\CyberLink
2016-01-03 01:47 - 2014-09-28 18:57 - 00000000 ____D C:\Users\adrian\Documents\Arbeit
2016-01-03 01:46 - 2012-09-05 10:25 - 00000000 ____D C:\Users\adrian\Documents\Amik
2016-01-03 01:45 - 2015-01-04 17:24 - 00000000 ____D C:\Users\adrian\Desktop\Medion
2016-01-03 01:45 - 2013-11-22 17:32 - 00000000 ____D C:\Users\adrian\Desktop\DCIM
2016-01-03 01:45 - 2012-04-14 18:18 - 00000000 ____D C:\Users\adrian\Desktop\sitecom
2016-01-03 01:45 - 2012-04-14 18:18 - 00000000 ____D C:\Users\adrian\Desktop\Neuer Ordner
2016-01-03 01:45 - 2012-04-01 09:53 - 00000000 ____D C:\Users\adrian\Desktop\Lina
2016-01-03 01:45 - 2012-02-16 21:22 - 00000000 ____D C:\Users\adrian\Desktop\NTI DVD-ROM
2016-01-03 01:40 - 2014-03-19 22:43 - 00000000 ____D C:\Users\adrian\AppData\Local\RapidSolution
2016-01-03 01:40 - 2013-10-03 08:21 - 00000000 ____D C:\Users\adrian\chemnitztal
2016-01-03 01:40 - 2013-01-08 11:06 - 00000000 ____D C:\Users\adrian\AppData\Roaming\Philips-Songbird
2016-01-03 01:40 - 2012-04-11 10:04 - 00000000 ____D C:\Users\adrian\AppData\Roaming\Skype
2016-01-03 01:40 - 2012-04-05 18:59 - 00000000 ____D C:\Users\adrian\AppData\Roaming\elsterformular
2016-01-03 01:40 - 2012-04-04 16:57 - 00000000 ____D C:\Users\adrian\AppData\Roaming\TeamViewer
2016-01-03 01:40 - 2012-03-18 14:56 - 00000000 ____D C:\Users\adrian\AppData\Roaming\STEPnova
2016-01-03 01:40 - 2012-02-19 18:48 - 00000000 ____D C:\Users\adrian\AppData\Roaming\Mozilla
2016-01-03 01:40 - 2012-01-02 17:20 - 00000000 ____D C:\Users\adrian\AppData\Roaming\OpenOffice.org
2016-01-03 01:40 - 2011-12-15 23:08 - 00000000 ____D C:\Users\adrian\AppData\Roaming\Mugle
2016-01-03 01:40 - 2011-12-15 11:57 - 00000000 ____D C:\Users\adrian\AppData\Roaming\Virtual Desktop Manager
2016-01-03 01:40 - 2011-12-15 10:57 - 00000000 ____D C:\Users\adrian\AppData\LocalLow\Adobe
2016-01-03 01:40 - 2011-12-15 09:49 - 00000000 ____D C:\Users\adrian\AppData\Roaming\Adobe
2016-01-03 01:39 - 2013-01-08 11:06 - 00000000 ____D C:\Users\adrian\AppData\Local\Philips-Songbird
2016-01-03 01:39 - 2012-11-30 00:47 - 00000000 ____D C:\Users\adrian\AppData\Local\Mozilla
2016-01-03 01:39 - 2011-12-15 09:48 - 00000000 ____D C:\Users\adrian\AppData\Local\Google
2016-01-03 01:38 - 2013-12-17 17:20 - 00000000 ____D C:\Users\adrian\100KC160
2016-01-03 01:36 - 2012-02-19 18:47 - 00000000 ____D C:\ProgramData\stepnova
2015-12-22 21:57 - 2015-06-18 12:03 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-149357456-71073121-30113663-1000Core.job
2015-12-22 10:27 - 2012-01-02 16:54 - 00000000 ____D C:\Users\adrian\AppData\Roaming\SoftGrid Client
2015-12-22 09:52 - 2011-08-29 16:58 - 00700134 _____ C:\Windows\system32\perfh007.dat
2015-12-22 09:52 - 2011-08-29 16:58 - 00149984 _____ C:\Windows\system32\perfc007.dat
2015-12-22 09:52 - 2009-07-14 06:13 - 01622300 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-19 08:57 - 2012-01-02 16:53 - 01596580 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-12-16 23:13 - 2014-07-13 19:53 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-15 13:49 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-09 23:11 - 2009-07-14 05:45 - 00394104 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-08 23:28 - 2013-07-24 19:05 - 00000000 ____D C:\Windows\system32\MRT
2015-12-08 23:19 - 2011-08-29 18:49 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-05 14:57 - 2014-07-13 19:53 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-05 14:57 - 2014-07-13 19:53 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2012-06-19 14:29 - 2012-07-23 21:14 - 0000034 _____ () C:\Users\adrian\AppData\Roaming\blckdom.res
2016-01-03 01:40 - 2016-01-03 01:40 - 0050355 _____ () C:\Users\adrian\AppData\Roaming\HELP_YOUR_FILES.PNG
2016-01-03 01:40 - 2016-01-03 01:40 - 0000380 _____ () C:\Users\adrian\AppData\Roaming\jepho4.lgt1
2012-06-19 14:29 - 2012-06-19 14:29 - 0000264 _____ () C:\Users\adrian\AppData\Roaming\srvblck5.tmp
2016-01-03 01:40 - 2016-01-03 01:40 - 0050355 _____ () C:\Users\adrian\AppData\Roaming\Microsoft\HELP_YOUR_FILES.PNG
2016-01-03 01:40 - 2016-01-03 01:40 - 0050355 _____ () C:\Users\adrian\AppData\Local\HELP_YOUR_FILES.PNG
2013-07-17 09:45 - 2013-07-17 09:50 - 95023320 ____T () C:\ProgramData\4oclir.pad
2012-09-27 15:08 - 2012-09-27 15:10 - 83023306 ____T () C:\ProgramData\dsgsdgdsgdsgw.pad
2013-07-17 09:45 - 2013-07-17 09:45 - 0000000 _____ () C:\ProgramData\g252qs.txt
2016-01-03 01:36 - 2016-01-03 01:36 - 0050355 _____ () C:\ProgramData\HELP_YOUR_FILES.PNG
2016-01-03 01:36 - 2016-01-03 01:36 - 0001324 _____ () C:\ProgramData\idp57n03y.3ia
2012-11-16 00:11 - 2012-11-16 00:11 - 0076358 _____ () C:\ProgramData\lcmekqvdnfdnvxs
2012-06-11 16:28 - 2012-06-11 22:48 - 4503728 ____T () C:\ProgramData\ll0_gkp.pad
2012-07-23 22:19 - 2012-07-23 22:20 - 4503728 ____T () C:\ProgramData\piz_0ef.pad
2013-07-17 09:45 - 2013-07-17 09:45 - 0122368 _____ () C:\ProgramData\rilco4.dat
ZeroAccess:
C:\Users\adrian\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files (x86)\Google\Desktop\Install
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\4oclir.pad
C:\ProgramData\dsgsdgdsgdsgw.pad
C:\ProgramData\ll0_gkp.pad
C:\ProgramData\piz_0ef.pad
C:\ProgramData\rilco4.dat
Einige Dateien in TEMP:
====================
C:\Users\adrian\AppData\Local\Temp\banner.exe
C:\Users\adrian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzp0ooo.dll
C:\Users\adrian\AppData\Local\Temp\Softonic_DE_1-5-11_DE-Production_10_CleanRelease.exe
C:\Users\adrian\AppData\Local\Temp\_is5485.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
ACHTUNG: ====> ZeroAccess. Benutzen DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
LastRegBack: 2015-12-19 12:59
==================== Ende von FRST.txt ============================Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-12-2015
durchgeführt von adrian (2016-01-04 20:55:25)
Gestartet von C:\Users\adrian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3KDMPUNH
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-15 08:44:57)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-149357456-71073121-30113663-500 - Administrator - Disabled)
adrian (S-1-5-21-149357456-71073121-30113663-1000 - Administrator - Enabled) => C:\Users\adrian
Gast (S-1-5-21-149357456-71073121-30113663-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Disabled - Out of date) {56547CC9-C9B2-849D-8FEF-A496150D6A06}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Disabled - Up to date) {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
FW: Kaspersky Internet Security (Disabled) {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.183.7 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.1) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.1 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.8.1217.36096 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.8.1217.36096 - Alcor Micro Corp.) Hidden
AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.35 - Atheros Communications Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 12.1.9.2500 - Avira)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.4.0 - Conexant)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.0.6904 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4020 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2930.52 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.3503 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4013 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Desktopicon amazon.de (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 - )
Desktopicon Trends auf OTTO.de (HKLM\...\DesktopIconotto) (Version: 1.0.1 - )
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: - Softland)
Dropbox (HKU\S-1-5-21-149357456-71073121-30113663-1000\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.20140326 - Landesfinanzdirektion Thüringen)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HL-2130 (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2462 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 26 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416026FF}) (Version: 6.0.260 - Oracle)
Java(TM) 6 Update 26 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security 2011 (HKLM-x32\...\InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}) (Version: 11.0.2.556 - Kaspersky Lab)
Kaspersky Internet Security 2011 (x32 Version: 11.0.2.556 - Kaspersky Lab) Hidden
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2608 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2608 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
myMugle (HKLM-x32\...\myMugle3.0.0.0) (Version: 3.0.0.0 - Computer Business Solutions)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Philips Media Converter (HKLM-x32\...\{D615D099-5C0F-41E0-B69E-B7D1CDC51B61}) (Version: 1.03 - Philips)
Philips Media Converter (x32 Version: 1.03 - Philips) Hidden
Philips Songbird (HKLM-x32\...\Philips Songbird) (Version: 5.6.2119 (2119) - Koninklijke Philips Electronics N.V.)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0038 - Pegatron Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.16.0 - Renesas Electronics Corporation) Hidden
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
stepnova (HKLM-x32\...\{35E7A699-70C3-43A6-A62A-A9EFD47B6F09}) (Version: 1.68 - ergovia GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.4.0 - Synaptics Incorporated)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
VR-pulse Installer (HKLM\...\{D3836C5E-6824-4C9F-9B45-09C989B13EF6}) (Version: 1.5.2.0 - American Megatrends Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-149357456-71073121-30113663-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-149357456-71073121-30113663-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-149357456-71073121-30113663-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-149357456-71073121-30113663-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-149357456-71073121-30113663-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-149357456-71073121-30113663-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-149357456-71073121-30113663-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-149357456-71073121-30113663-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-149357456-71073121-30113663-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-149357456-71073121-30113663-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-149357456-71073121-30113663-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\adrian\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {48734C8E-48FF-44A4-B5CB-8381E380DA89} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-149357456-71073121-30113663-1000UA => C:\Users\adrian\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {6BA2FE36-3067-4C0F-81D8-36AE492CBD96} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {B1FD5B96-AAA4-4451-9415-606EC14EF0A9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B472C92E-8F54-4C26-A985-903303B6783C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {C449AE28-7DF8-4C5D-BAD8-C5B9ADC0816A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {CBC6F2C8-4D7D-4A2D-9C97-F9D477FE439F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-149357456-71073121-30113663-1000Core => C:\Users\adrian\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-149357456-71073121-30113663-1000Core.job => C:\Users\adrian\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-149357456-71073121-30113663-1000UA.job => C:\Users\adrian\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\adrian\Desktop\Medion\MEDIONhome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.medion.com/de
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2011-09-08 00:28 - 2009-12-18 23:40 - 00104968 ____R () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
2011-05-02 21:41 - 2011-05-02 21:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-09-08 00:28 - 2010-10-07 01:46 - 00159752 ____R () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2011-09-08 00:28 - 2011-07-09 00:50 - 00824328 ____R () C:\Program Files (x86)\PHotkey\PHotkey.exe
2011-09-08 00:28 - 2010-01-13 01:36 - 00117256 ____R () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2011-09-08 00:28 - 2010-01-13 01:36 - 00121864 ____R () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2011-08-29 23:12 - 2010-12-14 10:39 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2011-07-26 23:37 - 2011-07-26 23:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-05-02 21:41 - 2011-05-02 21:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2012-02-08 10:49 - 2012-02-08 10:49 - 00380416 _____ () C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
2011-09-08 00:28 - 2010-12-27 22:14 - 00776200 _____ () C:\Program Files (x86)\PHotkey\PVDesktop.exe
2011-09-08 00:28 - 2011-04-12 22:32 - 00483336 _____ () C:\Program Files (x86)\PHotkey\PVDAgent.exe
2011-09-08 00:28 - 2011-07-13 21:56 - 03426312 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2012-02-19 17:39 - 2012-05-09 18:52 - 00398288 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-09-08 00:28 - 2009-12-18 23:36 - 00973432 ____R () C:\Program Files (x86)\PHotkey\acAuth.dll
2011-09-08 00:28 - 2009-12-18 23:41 - 00129544 ____R () C:\Program Files (x86)\PHotkey\GFNEX.dll
2010-10-05 20:26 - 2010-10-05 20:26 - 02111160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avzkrnl.dll
2010-08-03 23:39 - 2010-08-03 23:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-03 23:39 - 2010-08-03 23:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-08-10 10:32 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-12-13 10:57 - 2015-10-31 01:59 - 00034768 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-13 10:56 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-13 10:56 - 2015-12-08 22:36 - 00022848 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
2015-12-13 10:56 - 2015-12-08 22:36 - 00023352 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
2015-12-13 10:56 - 2015-12-08 22:36 - 00042296 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
2015-12-13 10:56 - 2015-10-31 01:59 - 00116688 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-13 10:57 - 2015-10-31 01:59 - 00093640 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-13 10:57 - 2015-10-31 01:59 - 00018376 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-13 10:57 - 2015-12-08 22:36 - 00019760 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-13 10:57 - 2015-10-31 02:00 - 00105928 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-13 10:56 - 2015-10-31 01:59 - 00392144 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-13 10:57 - 2015-12-08 22:36 - 00381752 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-13 10:57 - 2015-10-31 01:59 - 00692688 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2015-12-13 10:56 - 2015-12-08 22:36 - 00020816 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-13 10:57 - 2015-10-31 02:00 - 00109520 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-13 10:56 - 2015-12-08 22:36 - 01737032 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2015-12-13 10:56 - 2015-12-08 22:36 - 00020808 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-13 10:57 - 2015-12-08 22:36 - 00020800 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-13 10:57 - 2015-12-08 22:36 - 00021840 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-13 10:56 - 2015-12-08 22:36 - 00038696 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-13 10:57 - 2015-10-31 02:00 - 00024528 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-13 10:56 - 2015-10-31 02:00 - 00020936 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-13 10:57 - 2015-10-31 02:00 - 00114640 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-13 10:57 - 2015-12-08 22:36 - 00021320 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-13 10:57 - 2015-10-31 02:00 - 00124880 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\win32file.pyd
2015-12-13 10:57 - 2015-10-31 02:00 - 00030160 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-13 10:57 - 2015-10-31 02:00 - 00043472 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-13 10:57 - 2015-10-31 02:00 - 00175560 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-13 10:57 - 2015-10-31 02:00 - 00028616 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-13 10:57 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-13 10:57 - 2015-10-31 02:00 - 00048592 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-13 10:56 - 2015-12-08 22:36 - 00024392 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2015-12-13 10:56 - 2015-10-31 02:00 - 00036296 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-13 10:57 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\win32profile.pyd
2015-12-13 10:56 - 2015-12-08 22:36 - 00117056 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-13 10:57 - 2015-12-08 22:36 - 00023376 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-13 10:57 - 2015-10-31 01:59 - 00134608 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-13 10:56 - 2015-10-31 01:59 - 00134088 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2015-12-13 10:56 - 2015-10-31 02:00 - 00240584 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-13 10:56 - 2015-12-08 22:36 - 00020280 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-13 10:56 - 2015-12-08 22:36 - 00052024 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-13 10:56 - 2015-12-08 22:36 - 00021304 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
2015-12-13 10:57 - 2015-10-31 02:00 - 00350152 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2015-12-13 10:56 - 2015-12-08 22:36 - 00084792 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-13 10:56 - 2015-12-08 22:36 - 01826608 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-13 10:57 - 2015-10-31 02:00 - 00083912 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-13 10:56 - 2015-12-08 22:36 - 03891504 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-13 10:56 - 2015-12-08 22:36 - 01950000 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-13 10:56 - 2015-12-08 22:36 - 00519984 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-13 10:56 - 2015-12-08 22:36 - 00133936 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-13 10:56 - 2015-12-08 22:36 - 00225080 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-13 10:56 - 2015-12-08 22:36 - 00207672 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-13 10:57 - 2015-12-08 22:36 - 00024904 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-13 10:56 - 2015-12-08 22:36 - 00486704 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-13 10:56 - 2015-12-08 22:36 - 00357680 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 22:45 - 2015-10-31 02:01 - 00019920 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 00786904 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 20:32 - 2015-10-31 02:00 - 00063448 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\adrian\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2011-01-17 16:19 - 2012-01-02 17:20 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-10-24 06:16 - 2014-10-24 06:16 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b2363cf94faf59386ab4778a39c16e2b\IsdiInterop.ni.dll
2011-09-07 23:33 - 2011-05-20 18:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-149357456-71073121-30113663-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\adrian\AppData\Roaming\Virtual Desktop Manager\PVDesktopWallpaper_0.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^Users^adrian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^0.8506075640984075.exe.lnk => C:\Windows\pss\0.8506075640984075.exe.lnk.Startup
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{6C6558FD-5B19-46F1-BAF5-47483A6169CA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EEA91603-CEE9-4FD4-A9CF-42F4CFB2ED22}] => (Allow) LPort=2869
FirewallRules: [{3761D7EF-E131-493B-BE73-C8EBA1F7DC38}] => (Allow) LPort=1900
FirewallRules: [{CC25B63B-9520-40FD-98F7-CADCD7EA94EB}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A4FD2F88-972E-475F-BA32-ECD15263C040}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{B7540BA8-96E1-4C7D-AC1E-F77F5382B5E9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{CA34BA2A-FF7A-464E-BD45-DACA8DB32DE9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{67D10B2E-4AA3-4211-97FB-C2494231915E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{E15E54B1-2D6F-4832-8A5C-8FEA223EC5DD}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{A60F036D-3188-4ECC-A443-01D5F869FA2B}] => (Allow) C:\ProgramData\stepnova\Support\DeskShare.exe
FirewallRules: [{16FAF915-9774-4847-91CF-3F228144D4BD}] => (Allow) C:\ProgramData\stepnova\Support\DeskShare.exe
FirewallRules: [{DEFE172A-1C3D-49C8-A1B4-8B5866BF6051}] => (Allow) C:\ProgramData\stepnova\Support\Netviewer.exe
FirewallRules: [{D8FE4B8C-5C22-48CF-8F4A-AA7137288818}] => (Allow) C:\ProgramData\stepnova\Support\Netviewer.exe
FirewallRules: [{44F5E8FD-544B-4BE8-B734-F8DFEB36FB1E}] => (Allow) C:\ProgramData\stepnova\FirefoxPortable\stepnova.exe
FirewallRules: [{0B54DFC1-C861-4F69-B465-CA77F74E17E4}] => (Allow) C:\ProgramData\stepnova\FirefoxPortable\stepnova.exe
FirewallRules: [{6B7C4780-D6DA-4B40-9C56-9FC44CA58452}] => (Allow) C:\Users\adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7BAE95F8-9D22-4779-AE4F-98E80B59D0C0}] => (Allow) C:\Users\adrian\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C826DB37-DF0D-4D96-A7B4-C650A0851779}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
08-12-2015 23:17:23 Windows Update
17-12-2015 22:13:10 Windows Update
19-12-2015 08:49:14 Windows Update
03-01-2016 03:48:49 Wiederherstellungsvorgang
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/04/2016 01:29:05 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (01/03/2016 10:18:02 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Windows Update). Zusätzliche Informationen: 0x80070005.
Error: (01/03/2016 10:17:27 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.
Error: (01/03/2016 04:05:12 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Windows Update). Zusätzliche Informationen: 0x80070005.
Error: (12/22/2015 09:51:08 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.
Error: (12/21/2015 08:59:07 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.
Error: (12/20/2015 09:19:22 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (12/20/2015 12:07:23 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (12/18/2015 03:05:57 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (12/16/2015 11:23:07 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Systemfehler:
=============
Error: (01/04/2016 08:25:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Client Virtualization Handler" ist vom Dienst "Application Virtualization Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1053
Error: (01/04/2016 08:25:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Application Virtualization Client" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/04/2016 08:25:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Application Virtualization Client erreicht.
Error: (01/04/2016 08:24:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (01/04/2016 08:24:27 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (01/04/2016 10:13:06 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (01/04/2016 10:13:05 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (01/04/2016 12:11:45 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: 490@01010004
Error: (01/03/2016 11:44:50 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (01/03/2016 11:37:36 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Kaspersky Anti-Virus Service" wurde nicht richtig gestartet.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Pentium(R) CPU B950 @ 2.10GHz
Prozentuale Nutzung des RAM: 51%
Installierter physikalischer RAM: 4007.13 MB
Verfügbarer physikalischer RAM: 1957.6 MB
Summe virtueller Speicher: 8012.46 MB
Verfügbarer virtueller Speicher: 5468.26 MB
==================== Laufwerke ================================
Drive c: (Boot) (Fixed) (Total:414.66 GB) (Free:237.29 GB) NTFS
Drive d: (Recover) (Fixed) (Total:48 GB) (Free:22.97 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 97BE5B6A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=414.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== Ende von Addition.txt ============================
04.01.2016, 21:27
Baum-Darstellung