Klaus aus | 05.01.2015 15:34 | Hallo Cosinus,
danke für die schnelle Antwort.
Anbei die beiden Logs:
FRST.txt:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2015
Ran by Peter Mühlhölzl (administrator) on PETERM on 05-01-2015 14:44:41
Running from C:\Users\Peter Mühlhölzl\Desktop
Loaded Profile: Peter Mühlhölzl (Available profiles: Peter Mühlhölzl)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbService.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 15\SteganosBrowserMonitor.exe
() C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 14\fredirstarter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Group) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
() C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(O&O Software GmbH) C:\Program Files\OO Software\DiskImage\oodiag.exe
(Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Abine Inc.) C:\Program Files (x86)\DoNotTrackPlus\IE\DNTPService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774040 2014-12-22] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1297112 2014-12-09] (COMODO)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-14] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Cobian Backup 11 interface] => C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe [4407808 2013-03-07] (Luis Cobian, CobianSoft)
HKLM-x32\...\Run: [SSS14 File Redirection Starter] => C:\Program Files (x86)\Steganos Privacy Suite 14\fredirstarter.exe [17920 2014-02-25] (Steganos Software GmbH)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-12-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SAFE15 File Redirection Starter] => C:\Program Files (x86)\Steganos Safe 15\fredirstarter.exe [17408 2014-02-21] (Steganos Software GmbH)
HKU\S-1-5-21-2166599479-2100815452-1852773773-1000\...\Run: [SAFE15 Browser Monitor] => C:\Program Files (x86)\Steganos Safe 15\SteganosBrowserMonitor.exe [70656 2014-02-21] (Steganos Software GmbH)
HKU\S-1-5-21-2166599479-2100815452-1852773773-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-12-26] (Glarysoft Ltd)
HKU\S-1-5-21-2166599479-2100815452-1852773773-1000\...\RunOnce: [Uninstall C:\Users\Peter Mühlhölzl\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] => "C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Peter Mühlhölzl\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"
HKU\S-1-5-21-2166599479-2100815452-1852773773-1000\...\RunOnce: [Uninstall C:\Users\Peter Mühlhölzl\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => "C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Peter Mühlhölzl\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-2166599479-2100815452-1852773773-1000\...\RunOnce: [Uninstall C:\Users\Peter Mühlhölzl\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314_1] => "C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Peter Mühlhölzl\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314_1"
HKU\S-1-5-21-2166599479-2100815452-1852773773-1000\...\RunOnce: [Uninstall C:\Users\Peter Mühlhölzl\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314_1\amd64] => "C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Peter Mühlhölzl\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314_1\amd64"
HKU\S-1-5-21-2166599479-2100815452-1852773773-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2166599479-2100815452-1852773773-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2166599479-2100815452-1852773773-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2166599479-2100815452-1852773773-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Play Wireless USB Adapter Utility.lnk
ShortcutTarget: Play Wireless USB Adapter Utility.lnk -> C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe ()
Startup: C:\Users\Peter Mühlhölzl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll (O&O Software GmbH)
BootExecute: autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2166599479-2100815452-1852773773-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2166599479-2100815452-1852773773-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Do Not Track Me -> {6E45F3E8-2683-4824-A6BE-08108022FB36} -> C:\Program Files (x86)\DoNotTrackPlus\IE\DNTPAddon.dll (Abine)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
ShellExecuteHooks-x32: Internet Shortcut - {FBF23B40-E3F0-101B-8488-00AA003E56F8} - C:\Windows\SysWOW64\ieframe.dll [12836864 2015-01-02] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Peter Mühlhölzl\AppData\Roaming\Mozilla\Firefox\Profiles\ef3tc1ki.default
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Peter Mühlhölzl\AppData\Roaming\Mozilla\Firefox\Profiles\ef3tc1ki.default\user.js
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [dednnpigldgdbpgcdpfppmlcnnbjciel] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - No Path
CHR HKLM-x32\...\Chrome\Extension: [lpmkgpnbiojfaoklbkpfneikocaobfai] - No Path
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - No Path
CHR HKLM-x32\...\Chrome\Extension: [pmlghpafmmnmmkjdhacccolfgnkiboco] - No Path
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [993584 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-12-20] (Avira Operations GmbH & Co. KG)
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7618952 2014-12-09] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2014-12-09] (COMODO)
R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-10-16] (NVIDIA Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-10-16] (NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-10-16] (NVIDIA Corporation)
R2 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [6258480 2014-12-14] (O&O Software GmbH)
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
R2 WLANBelkinService; C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe [36864 2009-12-28] () [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [43064 2014-10-17] (Avira Operations GmbH & Co. KG)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2014-12-09] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [792648 2014-12-09] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45880 2014-12-09] (COMODO)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2014-12-26] (Glarysoft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-22] (REALiX(tm))
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [104608 2014-12-09] (COMODO)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-10-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-10-16] (NVIDIA Corporation)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [109144 2014-01-30] (Softwareentwicklung Remus - ArchiCrypt - )
R1 STGMFEngine64; C:\Windows\system32\drivers\STGMFEngine64.sys [28576 2013-07-17] (Softwareentwicklung Remus - ArchiCrypt.com)
R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2013-03-15] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2013-03-15] (Paragon)
S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2013-03-15] (Paragon)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R2 VirtualImDisk; C:\Windows\System32\DRIVERS\virtualimdisk.sys [39464 2014-03-02] (Olof Lagerkvist)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-05 14:44 - 2015-01-05 14:45 - 00017650 _____ () C:\Users\Peter Mühlhölzl\Desktop\FRST.txt
2015-01-05 14:43 - 2015-01-05 14:44 - 00000000 ____D () C:\FRST
2015-01-05 14:43 - 2015-01-05 14:43 - 02123776 _____ (Farbar) C:\Users\Peter Mühlhölzl\Desktop\FRST64.exe
2015-01-04 20:09 - 2015-01-04 20:09 - 00001794 _____ () C:\Windows\PFRO.log
2015-01-04 11:07 - 2015-01-05 14:19 - 00000448 _____ () C:\Windows\setupact.log
2015-01-04 11:07 - 2015-01-04 11:07 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-03 19:54 - 2015-01-03 19:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-03 19:54 - 2015-01-03 19:54 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-01-02 22:37 - 2015-01-02 22:37 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-01-02 22:04 - 2015-01-04 23:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-02 22:04 - 2015-01-04 19:56 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-02 22:04 - 2015-01-04 19:56 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-02 22:04 - 2015-01-04 19:56 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-02 21:38 - 2015-01-02 21:38 - 00000000 ____D () C:\Windows\Offline Web Pages
2015-01-02 21:34 - 2015-01-02 21:34 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-01-02 21:34 - 2015-01-02 21:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-02 21:34 - 2015-01-02 21:34 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-02 21:34 - 2015-01-02 21:34 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-01-02 21:34 - 2015-01-02 21:34 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-02 21:34 - 2015-01-02 21:34 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-01-02 21:34 - 2015-01-02 21:34 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-01-02 21:34 - 2015-01-02 21:34 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-01-02 21:34 - 2015-01-02 21:34 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-01-02 21:34 - 2015-01-02 21:34 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-01-02 21:34 - 2015-01-02 21:34 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-01-02 21:34 - 2015-01-02 21:34 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-01-02 21:34 - 2015-01-02 21:34 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-01-02 21:34 - 2015-01-02 21:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-01-02 21:34 - 2015-01-02 21:34 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-01-02 21:34 - 2015-01-02 21:34 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-01-02 21:34 - 2015-01-02 21:34 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-01-02 21:34 - 2015-01-02 21:34 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-01-02 21:34 - 2015-01-02 21:34 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-01-02 21:34 - 2015-01-02 21:34 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-01-02 21:34 - 2015-01-02 21:34 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-01-02 21:34 - 2015-01-02 21:34 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-01-02 21:34 - 2015-01-02 21:34 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-01-02 21:34 - 2015-01-02 21:34 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-01-02 21:34 - 2015-01-02 21:34 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-01-02 21:34 - 2015-01-02 21:34 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-01-02 20:42 - 2015-01-02 20:42 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-02 20:42 - 2015-01-02 20:42 - 00000000 ____D () C:\Users\Peter Mühlhölzl\AppData\Roaming\Mozilla
2015-01-02 20:42 - 2015-01-02 20:42 - 00000000 ____D () C:\Users\Peter Mühlhölzl\AppData\Local\Mozilla
2015-01-02 20:42 - 2015-01-02 20:42 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-02 20:42 - 2015-01-02 20:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-02 20:42 - 2015-01-02 20:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-02 18:57 - 2015-01-02 19:07 - 63320784 _____ (Microsoft Corporation) C:\Users\Peter Mühlhölzl\Downloads\IE11-Windows6.1-x64-de-de.exe
2015-01-02 17:47 - 2015-01-02 20:04 - 39441776 _____ () C:\Users\Peter Mühlhölzl\Downloads\Firefox_Setup_de34.0.5.exe
2015-01-02 13:20 - 2015-01-02 13:20 - 00000000 ____D () C:\Windows\system32\Macromed
2015-01-02 13:07 - 2015-01-03 16:00 - 00014336 ___SH () C:\Users\Peter Mühlhölzl\Thumbs.db
2014-12-29 20:16 - 2014-12-29 20:16 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-12-29 20:16 - 2014-12-29 20:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-12-28 10:24 - 2014-12-28 10:24 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-12-28 10:24 - 2014-12-28 10:24 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-12-28 10:24 - 2014-12-28 10:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-12-28 10:24 - 2014-12-28 10:24 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-12-28 09:48 - 2014-12-28 09:48 - 00124960 _____ () C:\Users\Peter Mühlhölzl\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-28 09:46 - 2014-12-28 09:47 - 00465584 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-27 17:11 - 2014-12-27 17:12 - 00617461 _____ () C:\Users\Peter Mühlhölzl\Downloads\RegSeeker2.57.zip
2014-12-26 16:42 - 2014-12-26 16:42 - 00001873 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk
2014-12-26 16:42 - 2014-12-26 16:42 - 00001861 ____N () C:\Users\Public\Desktop\PrivaZer.lnk
2014-12-26 16:42 - 2014-12-26 16:42 - 00000000 ____D () C:\Users\Peter Mühlhölzl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer
2014-12-26 16:42 - 2014-12-26 16:42 - 00000000 ____D () C:\Program Files (x86)\PrivaZer
2014-12-26 11:09 - 2015-01-05 14:20 - 00000354 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-12-26 11:09 - 2015-01-02 15:29 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-12-26 11:09 - 2014-12-26 11:09 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2014-12-26 11:09 - 2014-12-26 11:09 - 00002988 _____ () C:\Windows\System32\Tasks\GU5SkipUAC
2014-12-26 11:09 - 2014-12-26 11:09 - 00002666 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2014-12-26 11:09 - 2014-12-26 11:09 - 00001068 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-12-26 11:09 - 2014-12-26 11:09 - 00001056 ____N () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-12-26 11:09 - 2014-12-26 11:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-12-26 11:06 - 2014-12-26 11:09 - 14889832 ____N () C:\Users\Peter Mühlhölzl\Downloads\gu515 setup.exe
2014-12-24 16:22 - 2014-12-24 16:22 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-24 13:40 - 2014-12-24 13:40 - 00000000 ____D () C:\Users\Peter Mühlhölzl\Documents\Steganos Safe
2014-12-24 13:31 - 2014-12-24 16:22 - 00000000 ____D () C:\Users\Peter Mühlhölzl\AppData\Roaming\Steganos VPN
2014-12-22 21:48 - 2014-12-22 21:48 - 00026528 ____N (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2014-12-22 21:38 - 2014-12-22 21:38 - 71040000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-12-22 21:38 - 2014-12-22 21:38 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 12967680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-12-22 21:38 - 2014-12-22 21:38 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 04263128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-12-22 21:38 - 2014-12-22 21:38 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 02827120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 01550528 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 01499984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-12-22 21:38 - 2014-12-22 21:38 - 01411096 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 01353472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 01287384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 00979280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 00959704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 00629464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 00451096 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 00366104 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 00326680 ____N (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 00326680 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 00303776 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2014-12-22 21:38 - 2014-12-22 21:38 - 00096568 _____ () C:\Windows\system32\audioLibVc.dll
2014-12-22 21:22 - 2014-12-26 11:19 - 00002122 ____N () C:\Users\Peter Mühlhölzl\Desktop\Driver Booster 2.lnk
2014-12-22 21:22 - 2014-12-22 21:22 - 00003234 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2014-12-22 21:22 - 2014-12-22 21:22 - 00003178 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2014-12-22 21:22 - 2014-12-22 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2014-12-22 06:49 - 2014-12-22 06:55 - 11686536 ____N (IObit ) C:\Users\Peter Mühlhölzl\Downloads\driver_booster_pro_setup.exe
2014-12-21 09:32 - 2015-01-02 15:40 - 00000000 ____D () C:\Users\Peter Mühlhölzl\AppData\Local\PrivaZer
2014-12-21 09:32 - 2014-12-26 16:42 - 00000000 ____D () C:\ProgramData\privazer
2014-12-21 09:28 - 2014-12-21 09:32 - 07242376 ____N (Goversoft LLC) C:\Users\Peter Mühlhölzl\Downloads\privazer2242_free.exe
2014-12-20 20:49 - 2014-12-20 20:49 - 00001043 ____N () C:\Users\Peter Mühlhölzl\Desktop\XMedia Recode.lnk
2014-12-20 20:49 - 2014-12-20 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
2014-12-20 20:49 - 2014-12-20 20:49 - 00000000 ____D () C:\Program Files (x86)\XMedia Recode
2014-12-20 20:48 - 2014-12-20 20:49 - 07628356 ____N (XMedia Recode ) C:\Users\Peter Mühlhölzl\Downloads\XMediaRecode3204_setup.exe
2014-12-20 20:45 - 2014-12-20 20:45 - 00002792 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-12-20 20:44 - 2014-12-20 20:44 - 00000834 ____N () C:\Users\Peter Mühlhölzl\Desktop\CCleaner.lnk
2014-12-20 20:44 - 2014-12-20 20:44 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-20 20:41 - 2014-12-20 20:44 - 05317104 ____N (Piriform Ltd) C:\Users\Peter Mühlhölzl\Downloads\ccsetup501.exe
2014-12-14 10:06 - 2014-12-14 10:06 - 00002533 ____N () C:\Users\Peter Mühlhölzl\Desktop\O&O DiskImage.lnk
2014-12-14 10:06 - 2014-12-14 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2014-12-14 10:06 - 2014-12-14 10:06 - 00000000 ____D () C:\Program Files\OO Software
2014-12-12 16:16 - 2014-12-12 16:16 - 00615624 ____N (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-12-12 16:14 - 2014-12-12 16:15 - 31893136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-12 16:14 - 2014-12-12 16:15 - 24557712 ____N (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-12 16:14 - 2014-12-12 16:15 - 20986592 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-12-12 16:14 - 2014-12-12 16:15 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-12 16:14 - 2014-12-12 16:15 - 18514616 ____N (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-12-12 16:14 - 2014-12-12 16:15 - 17259664 ____N (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-12 16:14 - 2014-12-12 16:15 - 14032984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-12 16:14 - 2014-12-12 16:15 - 13944952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-12 16:14 - 2014-12-12 16:15 - 13213512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-12 16:14 - 2014-12-12 16:15 - 11397744 ____N (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-12 16:14 - 2014-12-12 16:15 - 11336432 ____N (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-12 16:14 - 2014-12-12 16:15 - 04292416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-12 16:14 - 2014-12-12 16:15 - 04011208 ____N (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-12 16:14 - 2014-12-12 16:15 - 02874456 ____N (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-12-12 16:14 - 2014-12-12 16:15 - 00964928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-12 16:14 - 2014-12-12 16:15 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-12 16:14 - 2014-12-12 16:15 - 00923792 ____N (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-12 16:14 - 2014-12-12 16:15 - 00900928 ____N (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-12 16:14 - 2014-12-12 16:15 - 00871648 ____N (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-12-12 16:14 - 2014-12-12 16:15 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-12-12 16:14 - 2014-12-12 16:15 - 00303600 ____N (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-12 16:14 - 2014-12-12 16:15 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-12 16:14 - 2014-12-12 16:15 - 00156840 ____N (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-11 22:29 - 2014-12-11 23:13 - 00044212 _____ () C:\Windows\system32\Drivers\fvstore.dat
2014-12-11 22:29 - 2014-12-11 22:29 - 00000000 ___HD () C:\VTRoot
2014-12-11 20:45 - 2014-12-11 20:47 - 14758904 ____N () C:\Users\Peter Mühlhölzl\Downloads\gu5.14 setup.exe
2014-12-11 12:15 - 2014-12-11 12:15 - 00001015 ____N () C:\Users\Peter Mühlhölzl\Desktop\Steganos Safe.lnk
2014-12-11 12:15 - 2014-12-11 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steganos Safe 15
2014-12-11 12:15 - 2014-12-11 12:15 - 00000000 ____D () C:\Program Files (x86)\Steganos Safe 15
2014-12-11 09:40 - 2014-12-11 12:15 - 27039512 ____N (Steganos Software GmbH) C:\Users\Peter Mühlhölzl\Downloads\safe15intwr.exe
2014-12-10 19:23 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 19:23 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 19:23 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 19:23 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 19:23 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 19:23 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 19:23 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 19:23 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 19:23 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 19:23 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-10 19:16 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 19:16 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 19:16 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 19:16 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 19:16 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 19:16 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 19:16 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 19:16 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 19:16 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 19:16 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 19:16 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 19:16 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 19:16 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 19:16 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 19:16 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 19:16 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 19:16 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-10 18:55 - 2015-01-02 22:04 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-12-10 10:47 - 2014-12-10 10:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org
2014-12-10 10:46 - 2014-12-10 10:46 - 00000000 ____D () C:\Users\Peter Mühlhölzl\AppData\Roaming\Engelmann Media
2014-12-07 17:55 - 2014-12-07 17:56 - 07643822 ____N (XMedia Recode ) C:\Users\Peter Mühlhölzl\Downloads\XMediaRecode3203_setup.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-05 14:33 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-05 14:33 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-05 14:29 - 2014-06-04 19:39 - 01810754 _____ () C:\Windows\WindowsUpdate.log
2015-01-05 14:23 - 2014-12-01 18:41 - 00002874 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Peter Mühlhölzl)
2015-01-05 14:19 - 2011-04-20 21:14 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-05 14:19 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-04 20:01 - 2014-12-01 18:41 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-01-04 19:56 - 2014-06-15 17:42 - 00000000 ____D () C:\Users\Peter Mühlhölzl\AppData\Local\Adobe
2015-01-04 16:30 - 2014-12-05 21:33 - 00000000 ____D () C:\Users\Peter Mühlhölzl\AppData\Local\DoNotTrackPlus
2015-01-04 16:28 - 2013-11-23 19:30 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-03 16:18 - 2013-10-24 18:34 - 00000000 ____D () C:\Users\Peter Mühlhölzl\private Sachen
2015-01-03 15:55 - 2013-12-08 19:30 - 00001437 _____ () C:\Users\Peter Mühlhölzl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-03 13:49 - 2007-07-12 02:49 - 00000000 ____D () C:\Windows\Panther
2015-01-03 00:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-01-02 21:38 - 2009-07-14 04:20 - 00000000 __RSD () C:\Windows\Media
2015-01-02 21:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-02 19:05 - 2011-12-09 12:40 - 00000000 ____D () C:\Users\Peter Mühlhölzl\AppData\Local\Apps\2.0
2015-01-02 15:42 - 2014-04-18 10:36 - 00000000 ____D () C:\Program Files\Recuva
2015-01-02 15:39 - 2013-05-04 18:31 - 00000000 ____D () C:\Users\Peter Mühlhölzl\TapinRadio
2015-01-02 13:07 - 2011-07-23 18:13 - 00000000 ____D () C:\Users\Peter Mühlhölzl
2015-01-02 13:01 - 2011-07-23 18:38 - 00000000 ____D () C:\Users\Peter Mühlhölzl\AppData\Roaming\Adobe
2015-01-02 12:59 - 2011-07-23 18:14 - 00000000 ____D () C:\Users\Peter Mühlhölzl\AppData\Roaming\Macromedia
2014-12-31 19:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-28 09:47 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-27 23:08 - 2012-12-04 18:30 - 00000000 ____D () C:\Users\Peter Mühlhölzl\AppData\Roaming\Steganos
2014-12-27 22:09 - 2011-07-24 12:37 - 00000000 ____D () C:\Users\Peter Mühlhölzl\AppData\Roaming\Nero
2014-12-27 16:54 - 2014-03-02 15:33 - 00000000 ____D () C:\ProgramData\restore
2014-12-27 16:54 - 2014-03-02 10:33 - 00000000 ____D () C:\ProgramData\launcher
2014-12-27 16:54 - 2011-09-10 09:52 - 00000000 ____D () C:\Users\Peter Mühlhölzl\AppData\Local\Windows Live Writer
2014-12-27 16:54 - 2011-08-06 12:15 - 00000000 ____D () C:\Users\Peter Mühlhölzl\AppData\Local\Help
2014-12-27 16:54 - 2011-07-26 19:06 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-12-27 16:54 - 2011-04-20 21:10 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-12-27 16:54 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-12-26 18:41 - 2013-02-19 20:40 - 00001388 ____N () C:\Windows\wininit.ini
2014-12-26 11:09 - 2012-04-15 16:58 - 00000000 ____D () C:\Users\Peter Mühlhölzl\AppData\Roaming\GlarySoft
2014-12-24 22:16 - 2011-12-29 19:44 - 00000000 ____D () C:\Windows\Minidump
2014-12-24 13:58 - 2013-09-10 11:07 - 00040664 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
2014-12-22 21:39 - 2011-04-20 21:11 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-12-21 11:24 - 2012-04-17 19:03 - 00000000 ____D () C:\ProgramData\TEMP
2014-12-20 17:01 - 2014-08-04 19:43 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-20 17:01 - 2013-12-08 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-12-20 17:01 - 2013-12-08 11:11 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-12-17 06:42 - 2011-07-23 18:40 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-14 10:06 - 2013-09-09 16:36 - 00255688 _____ (O&O Software GmbH) C:\Windows\system32\Drivers\oodivd.sys
2014-12-14 10:06 - 2013-09-09 16:36 - 00116936 _____ (O&O Software GmbH) C:\Windows\system32\Drivers\oodisr.sys
2014-12-14 10:06 - 2013-09-09 16:36 - 00044744 _____ (O&O Software GmbH) C:\Windows\system32\Drivers\oodivdh.sys
2014-12-14 10:06 - 2013-09-09 16:36 - 00041160 _____ (O&O Software GmbH) C:\Windows\system32\Drivers\oodisrh.sys
2014-12-12 16:16 - 2011-04-20 21:10 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-12 16:16 - 2011-01-26 17:53 - 00934032 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-12-12 16:15 - 2014-10-26 19:23 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-12 16:15 - 2014-10-26 19:23 - 16884632 ____N (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-12-12 16:15 - 2014-10-26 19:23 - 03262784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-12-12 16:15 - 2014-10-26 19:23 - 00989056 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-12-11 22:53 - 2014-06-15 17:00 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO
2014-12-11 22:29 - 2011-03-17 20:17 - 00996438 _____ () C:\Windows\system32\perfh007.dat
2014-12-11 22:29 - 2011-03-17 20:17 - 00307612 _____ () C:\Windows\system32\perfc007.dat
2014-12-11 20:47 - 2013-07-05 19:35 - 00000000 ____D () C:\ProgramData\GlarySoft
2014-12-10 21:46 - 2014-10-10 14:15 - 00002441 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 19:25 - 2013-08-15 10:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 19:23 - 2011-08-11 20:24 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 11:14 - 2014-06-16 19:09 - 00000000 ____D () C:\ProgramData\Licenses
2014-12-09 01:20 - 2014-04-16 21:12 - 00792648 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2014-12-09 01:20 - 2014-04-16 21:12 - 00104608 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2014-12-09 01:20 - 2014-04-16 21:12 - 00045880 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2014-12-09 01:20 - 2014-04-16 21:12 - 00020184 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2014-12-09 01:20 - 2014-03-25 19:22 - 00437792 _____ (COMODO) C:\Windows\system32\guard64.dll
2014-12-09 01:20 - 2014-03-25 19:22 - 00354520 _____ (COMODO) C:\Windows\system32\cmdvrt64.dll
2014-12-09 01:20 - 2014-03-25 19:22 - 00352272 ____N (COMODO) C:\Windows\SysWOW64\guard32.dll
2014-12-09 01:20 - 2014-03-25 19:22 - 00286424 ____N (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll
2014-12-09 01:20 - 2014-03-25 19:22 - 00045784 _____ (COMODO) C:\Windows\system32\cmdkbd64.dll
2014-12-09 01:20 - 2014-03-25 19:22 - 00040736 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2014-12-09 01:20 - 2014-03-25 19:22 - 00040664 ____N (COMODO) C:\Windows\SysWOW64\cmdkbd32.dll
2014-12-07 11:19 - 2013-01-18 14:42 - 00002972 _____ () C:\Windows\System32\Tasks\{8ACE438C-AC53-4B1C-B535-0DA673CB700C}
2014-12-07 11:19 - 2012-06-03 09:12 - 00002912 _____ () C:\Windows\System32\Tasks\{C1D94446-0F63-411E-9588-CFB4A8D122A8}
2014-12-07 11:19 - 2012-06-03 09:11 - 00002912 _____ () C:\Windows\System32\Tasks\{BBBE9B6B-2A53-45BD-9726-6CC15980395E}
2014-12-07 11:19 - 2012-06-03 09:09 - 00002912 _____ () C:\Windows\System32\Tasks\{FE37A13B-9B70-4DAC-AB83-6E1A04AB2248}
2014-12-07 11:18 - 2013-01-18 14:43 - 00002972 _____ () C:\Windows\System32\Tasks\{E0444572-0920-4116-8CC1-7E60E35B6726}
2014-12-07 11:18 - 2012-12-17 17:46 - 00003000 _____ () C:\Windows\System32\Tasks\{FAAF095F-1D47-4BFA-B76B-E1B33F444F5C}
Some content of TEMP:
====================
C:\Users\Peter Mühlhölzl\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-25 19:40
==================== End Of Log ============================ --- --- ---
ADDITION TXT: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2015
Ran by Peter Mühlhölzl at 2015-01-05 14:45:43
Running from C:\Users\Peter Mühlhölzl\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Comodo Defense+ (Disabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
FW: COMODO Firewall (Enabled) {C8870897-C358-086B-2944-184866CC6D0A}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CdCoverCreator 2.5.3 (HKLM-x32\...\CdCoverCreator) (Version: 2.5.3 - thyanté Software)
CIB pdf brewer (HKLM\...\{0EEF95FE-A84D-4857-AF36-484A1C275149}) (Version: 2.8.0002 - CIB software GmbH)
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - )
COMODO Firewall (HKLM\...\{2736B6BD-31EC-4FC8-A48C-F0A5C914C0B6}) (Version: 7.0.55655.4142 - COMODO Security Solutions Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Do Not Track Me Add-on 2.2.8.122 (HKLM-x32\...\Do Not Track Me Add-on_is1) (Version: 2.2.8.122 - Abine)
Driver Booster 2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.0 - IObit)
Eusing Free Registry Cleaner (HKLM-x32\...\Eusing Free Registry Cleaner) (Version: - Eusing Software)
EZ CD Audio Converter Free (64-bit) (HKLM-x32\...\EZ CD Audio Converter Free (64-bit)) (Version: 1.6.1 - Poikosoft)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Glary Utilities 5.15 (HKLM-x32\...\Glary Utilities 5) (Version: 5.15.0.28 - Glarysoft Ltd)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.05) (Version: 9.05 - Artifex Software Inc.)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3009 - Packard Bell)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Packard Bell)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 7 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417072FF}) (Version: 7.0.720 - Oracle)
Java 7 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217072FF}) (Version: 7.0.720 - Oracle)
Lotus SmartSuite 97 (HKLM-x32\...\SmartSuite V97.0) (Version: - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2000 Professional (HKLM-x32\...\{00010407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyKeyFinder (HKLM-x32\...\MyKeyFinder_is1) (Version: 2012 - Abelssoft)
Nero 9 Essentials (HKLM-x32\...\{4e606022-ef9e-4620-8da4-823684f99fef}) (Version: - Nero AG)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.081 - Deutsche Telekom AG)
Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
NirSoft VideoCacheView (HKLM-x32\...\NirSoft VideoCacheView) (Version: - )
NVIDIA 3D Vision Controller-Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
O&O DiskImage Professional (HKLM\...\{56F8EF3C-D9A0-4728-95D5-DC05A72931F5}) (Version: 7.81.6 - O&O Software GmbH)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Packard Bell InfoCentre (HKLM-x32\...\Packard Bell InfoCentre) (Version: 3.02.3000 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3015 - Packard Bell)
Packard Bell Software Suite SE (HKLM-x32\...\Packard Bell Software Suite SE) (Version: 2.01.3003 - Packard Bell)
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Packard Bell)
PDF Split And Merge Basic (HKLM\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.3 - Andrea Vacondio)
PeaZip 5.5.0 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: - Giorgio Tani)
Play Wireless USB Adapter (HKLM-x32\...\InstallShield_{88E62BD7-A532-48F6-8428-D949BB93A2D7}) (Version: 1.0.0.03 - Belkin)
Play Wireless USB Adapter (x32 Version: 1.0.0.03 - Belkin) Hidden
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 2.24.2.0 - Goversoft LLC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
SHIELD Streaming (Version: 3.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.56 - NVIDIA Corporation) Hidden
Steganos Privacy Suite 14 (HKLM-x32\...\{9F07D3B6-3801-4C33-B20E-39CC29E63253}) (Version: 14.2.2 - Steganos Software GmbH)
Steganos Safe 15 (HKLM-x32\...\{D3FB0B73-11DF-41EE-9B6D-C7198079A88E}) (Version: 15.2.1 - Steganos Software GmbH)
TapinRadio 1.58.2 (HKLM-x32\...\TapinRadio_is1) (Version: - Raimersoft)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
WAV To MP3 V2 (HKLM-x32\...\WAV To MP3_is1) (Version: - hxxp://www.WAVMP3.net)
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3005 - Packard Bell)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Xirrus Wi-Fi Inspector (HKLM-x32\...\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}) (Version: 1.2.1.4 - Xirrus)
XMedia Recode Version 3.2.0.4 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.0.4 - XMedia Recode)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
02-01-2015 14:14:08 IObit Uninstaller restore point
02-01-2015 14:19:06 Windows Modules Installer
02-01-2015 14:40:40 Windows Modules Installer
02-01-2015 14:44:05 Wiederherstellungsvorgang
02-01-2015 14:54:04 Windows Modules Installer
02-01-2015 15:01:49 Windows Modules Installer
02-01-2015 15:13:07 Wiederherstellungsvorgang
02-01-2015 15:23:21 Windows Update
02-01-2015 16:08:03 Windows Modules Installer
02-01-2015 20:56:21 Windows Modules Installer
02-01-2015 21:33:21 Windows Modules Installer
02-01-2015 21:56:15 IObit Uninstaller restore point
02-01-2015 22:43:14 Windows Update
03-01-2015 20:36:13 Windows Update
04-01-2015 20:01:11 IObit Uninstaller restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {039352CB-D920-43E8-93DB-B67695F03A62} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {0A33D9B5-0073-4A40-A380-4B828BDA0B00} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)
Task: {0FB188C0-FB03-4B6C-8BDC-0954F51B7AE4} - System32\Tasks\{B63D4E71-2423-44B2-87CA-BB591F26AA32} => C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe [2009-11-25] ()
Task: {14B2FC40-6814-46E8-A7F5-60033D3C2CCC} - System32\Tasks\{7077534B-B0DA-4233-A226-4B3A1668C2BC} => pcalua.exe -a "C:\Windows\Don't Touch My Computer 2.scr" -d C:\Windows -c /S
Task: {16957A68-1CDF-45CC-A13B-996CAFD97303} - System32\Tasks\{710A9E0E-7496-4956-9048-FE7673AFDDB5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.152.370/de/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {1B14783E-1FD6-4188-B3FE-B21EDADDC75E} - System32\Tasks\{1F7A0BA3-0E63-4A57-818B-8FAD918B1DB0} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2013-02-05] (Microsoft Corporation)
Task: {1DC28D19-105E-4CCB-BEB7-F80F2FC3F62B} - System32\Tasks\{58CAD342-7C36-42FF-975B-A4ACB18C9E4E} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2013-02-05] (Microsoft Corporation)
Task: {1E34C81D-E9A8-45C4-A6CB-A79C7D7CA328} - System32\Tasks\{1DB91B33-4989-411E-9853-94929BC18234} => pcalua.exe -a "C:\Users\Peter Mühlhölzl\Downloads\irfanview_plugins_433_setup (1).exe" -d "C:\Users\Peter Mühlhölzl\Desktop"
Task: {29F7045A-3F0C-4104-B531-E84A44F4497C} - System32\Tasks\{119FFC5B-F220-42ED-B1DE-303B68E080A3} => C:\Users\Peter Mühlhölzl\Downloads\install_flashplayer10ax_gtbd_aih.exe
Task: {2E38B556-FAC3-4B45-A8B0-E31C03796AD4} - System32\Tasks\{7F99BC29-8058-4A03-98F7-050C2EA03218} => C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
Task: {2E67B939-8079-408C-809E-FD7FEF58341D} - System32\Tasks\{E0444572-0920-4116-8CC1-7E60E35B6726} => H:\Programme\Ahead\ImageDrive\ImageDrive.exe [2004-11-30] (Ahead Software AG)
Task: {2F536266-4D57-4A2A-98F5-21C3DC721278} - System32\Tasks\{07805ADB-8775-4E62-A074-43E542A9E694} => pcalua.exe -a "H:\ibm smart suite lotus millennium edition 9 6 setup.exe" -d H:\
Task: {30B641D9-0FD3-4DA9-AEB3-9C98363B7B18} - System32\Tasks\{AF98391B-4857-4378-B6EF-8E4132EEC571} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2013-02-05] (Microsoft Corporation)
Task: {32588C0E-3C60-4651-BF2D-E2C30273CDCA} - System32\Tasks\{8ACE438C-AC53-4B1C-B535-0DA673CB700C} => H:\Programme\Ahead\ImageDrive\ImageDrive.exe [2004-11-30] (Ahead Software AG)
Task: {40276AB7-A054-4508-ABD8-99C08E359352} - System32\Tasks\{90D5E9AB-BBFE-4689-8FA9-D7481E2E0626} => C:\Users\Peter Mühlhölzl\Downloads\install_flashplayer10ax_gtbd_aih.exe
Task: {434C49F0-4ABC-4B01-9244-DE5A7CA323A2} - System32\Tasks\{B9A06375-9884-4E21-BB14-31A7EFE8ACBB} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2013-02-05] (Microsoft Corporation)
Task: {498E5765-3DBC-457E-8230-114F7A4D2429} - System32\Tasks\{49103BEC-15F3-4064-8626-BA6EC75AC73A} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2013-02-05] (Microsoft Corporation)
Task: {4A550C08-27AD-4CEC-AC9E-458C23854536} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-24] (Adobe Systems Incorporated)
Task: {4D32F24E-8284-4B29-810A-169FF57CF446} - System32\Tasks\{87492628-0C8F-4698-B261-7C6C40FAC981} => pcalua.exe -a "C:\Users\Peter Mühlhölzl\Downloads\irfanview_plugins_433_setup.exe" -d "C:\Users\Peter Mühlhölzl\Desktop"
Task: {4F17A45F-F791-4D44-819B-A517A8719487} - System32\Tasks\{FF7C3F3A-B3D6-4440-846E-AACFADFE05F7} => pcalua.exe -a "C:\Users\Peter Mühlhölzl\Downloads\irfanview_plugins_438_setup.exe" -d "C:\Users\Peter Mühlhölzl\Desktop"
Task: {4F32BDC4-2A7D-4CDB-B13E-32C8CF38A582} - System32\Tasks\{FAAF095F-1D47-4BFA-B76B-E1B33F444F5C} => C:\Program Files (x86)\Microsoft Office\Office\WINWORD.EXE [1999-04-23] (Microsoft Corporation)
Task: {58DC7CFF-CB33-44A6-8055-3F597094BF5C} - System32\Tasks\{9A62A267-7E0B-48E2-9769-3C2A8C47FAD5} => pcalua.exe -a "C:\Users\Peter Mühlhölzl\Downloads\irfanview_plugins_437_setup.exe" -d "C:\Users\Peter Mühlhölzl\Desktop"
Task: {5987620A-619B-40E1-AD6C-0453FF2D2410} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-12-26] (Glarysoft Ltd)
Task: {5A07D91D-2B81-431B-8052-ACD99C784BCD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-04] (Adobe Systems Incorporated)
Task: {5B32D3C1-CE54-4CF9-9DF3-BBE803C80973} - System32\Tasks\{FE37A13B-9B70-4DAC-AB83-6E1A04AB2248} => E:\INSTALL.EXE
Task: {65573854-7E5E-4B2A-8A33-AE1220356A9A} - System32\Tasks\{8D82F5EC-7B45-4253-B4B7-990B43159D73} => C:\Program Files (x86)\Microsoft Office\Office\WINWORD.EXE [1999-04-23] (Microsoft Corporation)
Task: {686EAD60-93AF-42F4-B86C-C2BA761B6AF9} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)
Task: {7088C724-5E92-4DD9-92D0-5ADFD5958A19} - System32\Tasks\{AF91A0BD-B566-4092-8A80-B5AD8CA70156} => pcalua.exe -a "C:\Users\Peter Mühlhölzl\Downloads\ADE_2.0_Installer.exe" -d "C:\Users\Peter Mühlhölzl\Desktop"
Task: {765D5A06-F082-4DD1-B044-449E149208BC} - System32\Tasks\{C57B8A72-D129-4219-B55D-B5101585C7EB} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2013-02-05] (Microsoft Corporation)
Task: {83179013-4A06-4D3B-B585-C42BD05526E0} - System32\Tasks\{952BF4BC-30D1-423B-9A70-4AA39662035C} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2013-02-05] (Microsoft Corporation)
Task: {86EC8708-5C64-4622-923F-33D8EF6F6C55} - System32\Tasks\Driver Booster SkipUAC (Peter Mühlhölzl) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-12-22] (IObit)
Task: {A182B929-09A9-4094-9174-1933F1F2DF7C} - System32\Tasks\{C1D94446-0F63-411E-9588-CFB4A8D122A8} => E:\INSTALL.EXE
Task: {A1E317A5-4F6A-4C4C-A800-A5A05F714AF4} - System32\Tasks\{D3825791-4279-4A51-A7C7-255EA635739F} => C:\Program Files\lotus\123\123w.exe
Task: {A751FE5F-68B6-474F-8EC6-8A37DD0D9726} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26] (Oracle Corporation)
Task: {A9C58ADA-D254-4FC3-A976-C87EB6DFC221} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-12-22] (IObit)
Task: {AC64F5DF-4D1F-49AD-B0AE-6D482A3C4A42} - System32\Tasks\{127096DA-B811-4D0B-9464-DD6A5E6C0A99} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2013-02-05] (Microsoft Corporation)
Task: {B07D377B-CE73-4E98-8608-0677710C669F} - System32\Tasks\{36D691C5-EC7E-43D6-B88B-0AF321B98B6B} => C:\Program Files\lotus\123\123w.exe
Task: {B565D2E4-95D1-4C70-B208-7EB78DA041F9} - System32\Tasks\{6966F1B1-7628-4237-9051-A51D34DDC66D} => C:\Users\Peter Mühlhölzl\Downloads\install_flashplayer10ax_gtbd_aih.exe
Task: {B90D0B3B-41DF-4813-AC07-181055D23B01} - System32\Tasks\{2605C173-396B-436A-AE4F-7A5B0EDA492C} => pcalua.exe -a "C:\Program Files (x86)\Software.com\Download Center\Download.exe" -c -u
Task: {BFA7AF56-4D01-4E3A-8840-FB8E9DB03C89} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-24] (Adobe Systems Incorporated)
Task: {C6F8A07C-4169-4798-8EFC-0741B2B7045C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-20] (Piriform Ltd)
Task: {CE87B9EF-7016-4BCD-A90E-B50444695435} - System32\Tasks\{BBBE9B6B-2A53-45BD-9726-6CC15980395E} => E:\INSTALL.EXE
Task: {CF318E66-2A80-4F06-92F2-404E4ABBCB83} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-12-09] (COMODO)
Task: {D0422396-EBF3-4543-8A59-1E29B6DEE796} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-12-26] (Glarysoft Ltd)
Task: {D40FDFD1-B8C9-4977-A3DB-5C0AA4DF409F} - System32\Tasks\{5DE528D7-F2F8-4622-986B-47100BBF7B5B} => pcalua.exe -a "C:\Program Files (x86)\Glary Utilities 4\Uninstaller.exe" -d "C:\Program Files (x86)\Glary Utilities 4"
Task: {D54A8BC9-6AAE-4E38-BA5F-720073A70450} - System32\Tasks\{7F1F176E-572E-47E9-94B6-993CB5DC4A78} => pcalua.exe -a "C:\Users\Peter Mühlhölzl\Downloads\Adobe_Air_v15.0.0.356.exe" -d "C:\Users\Peter Mühlhölzl\Desktop"
Task: {DBFFD5FA-B475-4A46-9FB7-78E3A8C234EE} - System32\Tasks\{81E3021C-73C4-4C24-BAA2-6C0F3E847956} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2013-02-05] (Microsoft Corporation)
Task: {F00EC10A-A83E-429B-92DA-ACF609EF0068} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-12-22] (IObit)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
==================== Loaded Modules (whitelisted) =============
2012-05-05 18:45 - 2014-11-12 22:56 - 00118080 ____N () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-09 16:35 - 2013-09-09 16:35 - 00344880 ____N () C:\Program Files\OO Software\DiskImage\oodishrs.dll
2010-11-17 15:00 - 2010-11-17 15:00 - 00220672 ____N () C:\Program Files (x86)\Steganos Safe 15\ShellExtension.dll
2014-12-26 16:42 - 2014-12-26 16:42 - 03525431 ____N () C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll
2010-10-19 08:31 - 2010-10-19 08:31 - 00205312 ____N () C:\Program Files\Netzmanager\NMInfraIS2\driver64\SoftplugLib.DLL
2009-11-25 17:45 - 2009-11-25 17:45 - 00110592 ____N () C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
2009-12-28 16:25 - 2009-12-28 16:25 - 00036864 ____N () C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe
2013-09-09 16:35 - 2013-09-09 16:35 - 00326448 ____N () C:\Program Files\OO Software\DiskImage\oodiagrs.dll
2009-09-15 18:17 - 2009-09-15 18:17 - 00200704 ____N () C:\Program Files (x86)\Belkin\F7D4101\V1\BelkinwcuiDLL.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00000000 _____ () C:\Windows\system32\nvd3dum.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00000000 _____ () C:\Windows\system32\nvspcap.dll
2014-03-29 20:17 - 2014-03-29 20:17 - 00000000 _____ () C:\Windows\system32\packet.dll
2010-11-05 03:55 - 2010-09-14 02:28 - 00058880 ____N () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-12-05 21:33 - 2013-01-22 21:26 - 00605048 ____N () C:\Program Files (x86)\DoNotTrackPlus\IE\DNTPContentFilter.dll
2014-12-05 21:33 - 2013-01-22 21:26 - 00229240 ____N () C:\Program Files (x86)\DoNotTrackPlus\IE\DNTPButton.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Windows\system32\AERTAC64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audioLibVc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\CX64APO.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ICEsoundAPO64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MaxxAudioAPO5064.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MaxxAudioAPO6064.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MaxxAudioAPOShell64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MaxxAudioRealtek64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MaxxVoiceAPO2064.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MaxxVoiceAPO3064.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NAHIMICAPOlfx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NahimicAPONSControl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvapi64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvcompiler.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvcuda.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvcuvid.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvd3dumx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NvFBC64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NvIFR64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvinitx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvoglshim64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvoglv64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvopencl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvumdshimx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvvsvc.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvwgf2umx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RCoInstII64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RltkAPO64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RTCOM64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RtDataProc64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RtkApi64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RtPgEx64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\SRAPO64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\SRCOM.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\SRCOM64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\SRRPTR64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tadefxapo264.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvcompiler.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvcuda.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvcuvid.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvd3dum.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\NvFBC.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\NvIFR.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvinit.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvoglshim32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvoglv32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvopencl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvStreaming.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvumdshim.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvwgf2um.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\SRCOM.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\nvlddmkm.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\oodisr.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\oodisrh.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\oodivd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\oodivdh.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\RTKVHD64.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\tap0901.sys:$CmdTcID
AlternateDataStreams: C:\ProgramData\TEMP:B3ED3AFF
AlternateDataStreams: C:\ProgramData\TEMP:C31F31E6
AlternateDataStreams: C:\Users\Peter Mühlhölzl\Desktop\FRST64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Peter Mühlhölzl\Desktop\FRST64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Peter Mühlhölzl\Downloads\ccsetup501.exe:$CmdTcID
AlternateDataStreams: C:\Users\Peter Mühlhölzl\Downloads\ccsetup501.exe:$CmdZnID
AlternateDataStreams: C:\Users\Peter Mühlhölzl\Downloads\driver_booster_pro_setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Peter Mühlhölzl\Downloads\driver_booster_pro_setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Peter Mühlhölzl\Downloads\Firefox_Setup_de34.0.5.exe:$CmdTcID
AlternateDataStreams: C:\Users\Peter Mühlhölzl\Downloads\Firefox_Setup_de34.0.5.exe:$CmdZnID
AlternateDataStreams: C:\Users\Peter Mühlhölzl\Downloads\gu515 setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Peter Mühlhölzl\Downloads\gu515 setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Peter Mühlhölzl\Downloads\IE11-Windows6.1-x64-de-de.exe:$CmdTcID
AlternateDataStreams: C:\Users\Peter Mühlhölzl\Downloads\IE11-Windows6.1-x64-de-de.exe:$CmdZnID
AlternateDataStreams: C:\Users\Peter Mühlhölzl\Downloads\privazer2242_free.exe:$CmdTcID
AlternateDataStreams: C:\Users\Peter Mühlhölzl\Downloads\privazer2242_free.exe:$CmdZnID
AlternateDataStreams: C:\Users\Peter Mühlhölzl\Downloads\RegSeeker2.57.zip:$CmdTcID
AlternateDataStreams: C:\Users\Peter Mühlhölzl\Downloads\RegSeeker2.57.zip:$CmdZnID
AlternateDataStreams: C:\Users\Peter Mühlhölzl\Downloads\XMediaRecode3204_setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Peter Mühlhölzl\Downloads\XMediaRecode3204_setup.exe:$CmdZnID
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
========================= Accounts: ==========================
Administrator (S-1-5-21-2166599479-2100815452-1852773773-500 - Administrator - Disabled)
Gast (S-1-5-21-2166599479-2100815452-1852773773-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2166599479-2100815452-1852773773-1002 - Limited - Enabled)
Peter Mühlhölzl (S-1-5-21-2166599479-2100815452-1852773773-1000 - Administrator - Enabled) => C:\Users\Peter Mühlhölzl
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/05/2015 02:20:44 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {7e1fab16-0dfe-4009-ac37-53553b55eea9}
Error: (01/04/2015 11:57:14 PM) (Source: MsiInstaller) (EventID: 11722) (User: PETERM)
Description: Produkt: O&O DiskImage Professional -- Fehler 1722. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein Programm, das im Rahmen der Installation ausgeführt wurde, wurde nicht erfolgreich abgeschlossen. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: UnregisterProxyStub, Pfad: C:\Program Files\OO Software\DiskImage\, Befehl: regsvr32.exe /s /u "C:\Program Files\OO Software\DiskImage\oodiagpsx64.dll"
Error: (01/04/2015 11:53:04 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {cb68d6cb-81ca-4a73-ae18-c12de78decb3}
Error: (01/04/2015 11:13:34 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {206da09f-3460-4908-b45e-4cb920506fe1}
Error: (01/04/2015 10:39:33 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {6b5a8ecb-be50-41f0-9d3f-4c46491c6c7e}
Error: (01/04/2015 08:11:53 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {4396509a-f6a6-4737-b02c-e0dbd1e1d61a}
Error: (01/04/2015 08:00:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x5315a05a
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x1e40
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Error: (01/04/2015 04:24:52 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {11cf2a0b-0911-4dc8-95dc-4cf9b25cb7d6}
Error: (01/04/2015 11:37:43 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {65824c03-ed3e-44ce-b2ad-03f58b13b7d7}
Error: (01/04/2015 11:08:58 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {b08c6c05-ef2e-4386-bf4b-58f2f63bfe8f}
System errors:
=============
Error: (01/05/2015 02:34:57 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 20.
Error: (01/05/2015 02:21:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UimBus
Uim_IM
Uim_VIM
Error: (01/05/2015 02:20:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (01/04/2015 11:54:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UimBus
Uim_IM
Uim_VIM
Error: (01/04/2015 11:52:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (01/04/2015 11:13:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UimBus
Uim_IM
Uim_VIM
Error: (01/04/2015 11:13:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (01/04/2015 10:39:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UimBus
Uim_IM
Uim_VIM
Error: (01/04/2015 10:38:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (01/04/2015 08:12:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UimBus
Uim_IM
Uim_VIM
Microsoft Office Sessions:
=========================
Error: (01/05/2015 02:20:44 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {7e1fab16-0dfe-4009-ac37-53553b55eea9}
Error: (01/04/2015 11:57:14 PM) (Source: MsiInstaller) (EventID: 11722) (User: PETERM)
Description: Produkt: O&O DiskImage Professional -- Fehler 1722. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein Programm, das im Rahmen der Installation ausgeführt wurde, wurde nicht erfolgreich abgeschlossen. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: UnregisterProxyStub, Pfad: C:\Program Files\OO Software\DiskImage\, Befehl: regsvr32.exe /s /u "C:\Program Files\OO Software\DiskImage\oodiagpsx64.dll" (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (01/04/2015 11:53:04 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {cb68d6cb-81ca-4a73-ae18-c12de78decb3}
Error: (01/04/2015 11:13:34 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {206da09f-3460-4908-b45e-4cb920506fe1}
Error: (01/04/2015 10:39:33 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {6b5a8ecb-be50-41f0-9d3f-4c46491c6c7e}
Error: (01/04/2015 08:11:53 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {4396509a-f6a6-4737-b02c-e0dbd1e1d61a}
Error: (01/04/2015 08:00:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4KERNELBASE.dll6.1.7601.184095315a05ae06d7363000000000000940d1e4001d02850a9ddda38C:\Windows\explorer.exeC:\Windows\system32\KERNELBASE.dlle873abf3-9443-11e4-a775-1078d2ea8bce
Error: (01/04/2015 04:24:52 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {11cf2a0b-0911-4dc8-95dc-4cf9b25cb7d6}
Error: (01/04/2015 11:37:43 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {65824c03-ed3e-44ce-b2ad-03f58b13b7d7}
Error: (01/04/2015 11:08:58 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {b08c6c05-ef2e-4386-bf4b-58f2f63bfe8f}
CodeIntegrity Errors:
===================================
Date: 2014-03-30 18:03:38.731
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-03-30 18:03:38.684
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-02-06 17:43:03.384
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-02-06 17:43:03.259
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-30 17:38:44.651
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-30 17:38:44.586
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-30 17:24:17.102
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-30 17:24:17.028
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-23 20:02:10.687
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-23 20:02:10.624
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2300 CPU @ 2.80GHz
Percentage of memory in use: 34%
Total physical RAM: 6126.02 MB
Available physical RAM: 3989.49 MB
Total Pagefile: 12250.22 MB
Available Pagefile: 9706.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Packard Bell) (Fixed) (Total:456.44 GB) (Free:392.62 GB) NTFS
Drive d: (DATA) (Fixed) (Total:457.47 GB) (Free:457.33 GB) NTFS
Drive g: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:410.44 GB) NTFS
Drive h: (Intenso) (Removable) (Total:7.82 GB) (Free:2.23 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2BA6379E)
Partition 1: (Not Active) - (Size=17.5 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=456.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=457.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 7.8 GB) (Disk ID: 6B366722)
Partition 1: (Not Active) - (Size=7.8 GB) - (Type=0B)
========================================================
Disk: 3 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 33C2C3C3)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Danke für eine baldige Antwort.
mfg
Klaus aus |