DrCornwallac | 07.03.2015 15:24 | Nein, weitere Scans habe ich nicht durchgeführt, daher auch keine weiteren Logs.
Hier einmal die Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2015 01
Ran by Christoph at 2015-03-07 15:10:22
Running from C:\Users\Christoph\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
FLIGHT DIARY (x32 Version: 1.00.0000 - WILLPLUS) Hidden
[Windows 7 Theme] Erica Hartmann by Shiroskin (HKLM-x32\...\{bf6e38f6-d0c6-46cb-8d5b-3378cfb0725e}_is1) (Version: - k-rlitos.com)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29126 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acoustica MP3 To Wave Converter PLUS (HKLM-x32\...\Acoustica MP3 To Wave Converter PLUS) (Version: 2.5 - Acoustica, Inc.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.7) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM-x32\...\{7E33E883-0D17-4397-A461-B576605E34B1}) (Version: 12.1.6.156 - Adobe Systems, Inc)
Aegisub 3.0.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.0.2 - Aegisub Team)
Alan Wake (HKLM-x32\...\Steam App 108710) (Version: - Remedy Entertainment)
Alan Wake's American Nightmare (HKLM-x32\...\Steam App 202750) (Version: - Remedy Entertainment)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.8 - Sereby Corporation)
Amazon Cloud Player (HKU\S-1-5-21-2001810455-1053792824-432003306-1000\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version: - Frictional Games)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
ATLAS Translation Standard V14.0 Trial Version (HKLM-x32\...\{6652750B-AA69-49B7-9D09-C0A28B6FFC9F}) (Version: 14.00.2000 - FUJITSU LIMITED)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.0.8179 - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
Belkin Connect Wireless USB Adapter (HKLM-x32\...\InstallShield_{08B73C99-D071-488F-8861-5DDA897C510D}) (Version: 1.0.0.3 - Belkin)
Belkin Connect Wireless USB Adapter (x32 Version: 1.0.0.3 - Belkin) Hidden
Binary Domain (HKLM-x32\...\Steam App 203750) (Version: - Sega)
Browser Extensions (HKU\S-1-5-21-2001810455-1053792824-432003306-1000\...\{3A787631-66A2-4634-B928-A37E73B58FB6}) (Version: 2.2 - Spigot, Inc.) <==== ATTENTION
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version: - Criterion Games)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.4852 - CDBurnerXP)
Combined Community Codec Pack 2014-07-13 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.07.13.0 - CCCP Project)
Command and Conquer: Red Alert 3 - Uprising (HKLM-x32\...\Steam App 24800) (Version: - EA Los Angeles)
Crazy Taxi (HKLM-x32\...\Steam App 71230) (Version: - SEGA)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version: - Vigil Games)
DayZ Commander (HKLM-x32\...\{7B2CA5E9-763C-4FCE-81EE-13E81ABFE908}) (Version: 0.92.115 - Dotjosh Studios)
Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland)
Dropbox (HKU\S-1-5-21-2001810455-1053792824-432003306-1000\...\Dropbox) (Version: 2.0.0 - Dropbox, Inc.)
Druckerdeinstallation für EPSON XP-215 217 Series (HKLM\...\EPSON XP-215 217 Series) (Version: - SEIKO EPSON Corporation)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Eufloria HD (HKLM-x32\...\EufloriaHD) (Version: - )
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Everlasting Summer (HKLM-x32\...\Steam App 331470) (Version: - Soviet Games)
eXceed 2nd - Vampire REX (HKLM-x32\...\Steam App 207380) (Version: - Tennen-sozai)
Exif-Viewer 2.51 (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger)
Fraps (HKLM-x32\...\Fraps) (Version: - )
G DATA INTERNET SECURITY (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.2.5 - G DATA Software AG)
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Go! Go! Nippon! ~My First Trip to Japan~ (HKLM-x32\...\Steam App 251870) (Version: - OVERDRIVE)
Goodbye Deponia (HKLM-x32\...\Deponia 3) (Version: 3.2 - Daedalic Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HF pAppLoc version 1.0 (HKLM-x32\...\{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1) (Version: 1.0 - Inquisitor)
High-Definition Video Playback (x32 Version: 11.1.11500.4.273 - Nero AG) Hidden
IF MY HEART HAD WINGS (HKU\S-1-5-21-2001810455-1053792824-432003306-1000\...\{5A0D1CE9-01BE-47E7-A019-45D5970AC1DA}) (Version: 1.00.0000 - MoeNovel)
IF MY HEART HAD WINGS (x32 Version: 1.00.0000 - MoeNovel) Hidden
ILLUSION @ふぉーむメイト (HKLM-x32\...\{2510CF9A-3D92-4D1E-9124-080F53F4E293}) (Version: 1.00.0000 - ILLUSION)
ILLUSION ジンコウガクエン (HKLM-x32\...\{C109AF5B-69D0-4C93-B360-F28D9FAB6084}) (Version: 1.00.0000 - ILLUSION)
ILLUSION ジンコウガクエン きゃらめいく (HKLM-x32\...\{502499DC-2EDB-45A2-8F7C-83E6E5DE067E}) (Version: 1.00.0000 - ILLUSION)
Influent (HKLM-x32\...\Steam App 274980) (Version: - Rob Howland)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Japanese Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5760-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Just Cause 1.00.0000 (HKLM-x32\...\{C9E270CC-AE42-4BD8-B9C6-1EB3A8657FF5}) (Version: 1.00.0000 - Eidos)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Legend of Grimrock (HKLM-x32\...\Legend of Grimrock) (Version: - )
Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality)
Logon Screen (HKLM\...\{1730D13B-7517-4321-A88B-64627CF67CDC}_is1) (Version: - Daniel Rebelo)
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Medal of Honor(TM) Single Player (HKLM-x32\...\Steam App 47790) (Version: - Electronic Arts)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version: - )
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.)
Mitsurugi Kamui Hikae (HKLM-x32\...\Steam App 263620) (Version: - Zenith Blue)
Mouse Editor (HKLM-x32\...\InstallShield_{3A4218DE-B9DB-4AD5-9DB2-5853D3AA0335}) (Version: 12.08.0006 - Ihr Firmenname)
MOUSE Editor (x32 Version: 12.08.0006 - Ihr Firmenname) Hidden
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MP3 to WAV RES (HKLM-x32\...\MP3 to WAV RES) (Version: - )
MPC-HC 1.7.3 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.3 - MPC-HC Team)
NEKOPARA vol.1 (HKU\S-1-5-21-2001810455-1053792824-432003306-1000\...\{64DC04AF-BD7C-4CF4-9CA4-938953224328}) (Version: - NEKO WORKs)
Nero Kwik Media (HKLM-x32\...\{22758D8F-E023-44ED-8647-3C6985ABF663}) (Version: 11.2.00900 - Nero AG)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.53.2 - Black Tree Gaming)
NVIDIA 3D Vision Controller-Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.22 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 314.22 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.22 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.23.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.23.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks)
Onigiri_US (HKLM-x32\...\{E5A8486E-4E03-4F59-A44A-88399E341F41}) (Version: 1.00.0000 - CyberStep, Inc.)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PDF24 Creator 6.4.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
piaip AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 2.4 beta r1617 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6631 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Red Faction: Armageddon (HKLM-x32\...\Steam App 55110) (Version: - Volition)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 2.0.1.60 - Steppschuh)
Risen (HKLM-x32\...\Steam App 40300) (Version: - Piranha – Bytes)
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version: - Piranha Bytes)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version: - Volition)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12064_9 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.2.12064_9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.15.0 - SAMSUNG Electronics Co., Ltd.)
Search Protection (HKU\S-1-5-21-2001810455-1053792824-432003306-1000\...\Search Protection) (Version: 11.1.0.1 - Spigot, Inc.) <==== ATTENTION
Serious Sam 2 (HKLM-x32\...\Steam App 204340) (Version: - Croteam)
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version: - Croteam)
Serious Sam Classic: The First Encounter (HKLM-x32\...\Steam App 41050) (Version: - Croteam)
Serious Sam HD: The First Encounter (HKLM-x32\...\Steam App 41000) (Version: - Croteam)
Serious Sam HD: The Second Encounter (HKLM-x32\...\Steam App 41010) (Version: - Croteam)
ShadowExplorer 0.9 (HKLM-x32\...\ShadowExplorer_is1) (Version: 0.9.462.0 - ShadowExplorer.com)
Sierra Utilities (HKLM-x32\...\Sierra Utilities) (Version: - )
SiSoftware Sandra Lite 2013.SP3a (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 19.44.2013.5 - SiSoftware)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Snow Sakura (HKLM-x32\...\Snow Sakura) (Version: - )
Software Updater (HKLM-x32\...\{B307472F-7BD9-4040-9255-CE6D6A1196A3}) (Version: 4.3.1 - SEIKO EPSON CORPORATION)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steins;Gate version 1.0 (HKLM\...\{2A05A52B-BDD8-4FD5-A65A-687CB10D98DF}_is1) (Version: 1.0 - JAST USA)
SUPER © v2012.build.54 (Nov 18, 2012) Version v2012.build.54 (HKLM-x32\...\{8F311E92-C29F-4DF9-8259-B739A1831669}_is1) (Version: v2012.build.54 - eRightSoft)
Swiff Player 1.7.2 (HKLM-x32\...\Swiff Player_is1) (Version: 1.7.2 - GlobFX Technologies)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.38846 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Last Remnant (HKLM-x32\...\Steam App 23310) (Version: - SQUARE ENIX)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unholy Heights (HKLM-x32\...\Steam App 249330) (Version: - Petit Depotto)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
VLC Setup Helper (HKLM-x32\...\VLC Setup Helper_is1) (Version: - )
VLC Streamer 4.96 (HKLM-x32\...\VLC Streamer_is1) (Version: - )
WD Drive Utilities (HKLM-x32\...\{B2BCCFEC-2623-40E5-9522-DEC488E6B730}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{507B1304-194A-4204-A9D9-9BAAF51EF760}) (Version: 2.2.1.6 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{8A7B24E8-864E-4794-95C4-17644D0991AA}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{A7C403DA-B8D9-4CA0-93D9-6C7F00772240}) (Version: 2.2.1.6 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{ba99df5b-3e46-419e-81e2-544352772fda}) (Version: 2.2.1.6 - Western Digital Technologies, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2001810455-1053792824-432003306-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows 7 Codec Pack 4.0.3 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.3 - Windows 7 Codec Pack)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Within A Deep Forest (HKLM-x32\...\{736D1B73-18AC-4F51-B544-44FD149B7E0B}) (Version: 1.00.0000 - Within A Deep Forest)
Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 0.3.0.0 - Wrye & Wrye Bash Development Team)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )
Ys Origin (HKLM-x32\...\Steam App 207350) (Version: - Nihon Falcom)
この大空に、翼をひろげて FLIGHT DIARY (HKU\S-1-5-21-2001810455-1053792824-432003306-1000\...\{0A3E9ABF-9365-4B44-BA12-1D156EFD9545}) (Version: 1.00.0000 - WILLPLUS)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2001810455-1053792824-432003306-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Christoph\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2001810455-1053792824-432003306-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2001810455-1053792824-432003306-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2001810455-1053792824-432003306-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2001810455-1053792824-432003306-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
==================== Restore Points =========================
05-03-2015 15:08:31 Installed Pokémon Uranium Beta 4.0
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2013-04-23 17:49 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0FF3526E-7BC5-4A2F-B424-DCC1819F75B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-01] (Google Inc.)
Task: {340EA12A-A4AF-45E2-9D23-3554F496B259} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {5553F440-47E7-4C06-82E2-8755F07245BA} - System32\Tasks\EPSON XP-215 217 Series Update {5B557CE1-4321-4890-B411-4403944F2B02} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2012-11-18] (SEIKO EPSON CORPORATION)
Task: {677F7100-32DA-4F87-987B-13C21A2300DA} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {73978015-F6ED-48A4-99C7-5EE52FC4D2FC} - \MySearchDial No Task File <==== ATTENTION
Task: {7CDA93DC-15A4-4BA0-A864-6422D9DE69BD} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {AF91DF1E-B4F3-472F-81CE-E5E5702529DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-01] (Google Inc.)
Task: {CDE5011A-3CF9-4CD7-AF06-FC2B5313157A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
Task: {D3CD0EDC-F146-4564-A92A-956BC3124E83} - System32\Tasks\EPSON XP-215 217 Series Invitation {5B557CE1-4321-4890-B411-4403944F2B02} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2012-11-18] (SEIKO EPSON CORPORATION)
Task: {D6D7E0C3-779A-4CB7-918F-27FEF2B127C3} - System32\Tasks\{61926E15-433F-4291-AA68-E9A9642D8C27} => pcalua.exe -a C:\Users\Christoph\Downloads\epson327370eu.exe -d C:\Users\Christoph\Downloads
Task: {F9DD4BA9-3FED-4223-A55C-F37EF6523CB9} - System32\Tasks\{8040A18B-8B02-4CE0-91F6-7350FB42E01F} => pcalua.exe -a F:\.\MESIAMLT.exe -d F:\
Task: {FE192D8F-9029-4D2B-ADCE-DC756BB1972F} - System32\Tasks\EPSON XP-215 217 Series Invitation {C08A5572-83AC-495D-AFED-1683BC8FEAD1} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2012-11-18] (SEIKO EPSON CORPORATION)
Task: {FE3ED63B-3F14-4A1A-A737-9B902B196F7B} - System32\Tasks\EPSON XP-215 217 Series Update {C08A5572-83AC-495D-AFED-1683BC8FEAD1} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2012-11-18] (SEIKO EPSON CORPORATION)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {5B557CE1-4321-4890-B411-4403944F2B02}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {C08A5572-83AC-495D-AFED-1683BC8FEAD1}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {5B557CE1-4321-4890-B411-4403944F2B02}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE:/EXE:{5B557CE1-4321-4890-B411-4403944F2B02} /F:UpdateSYSTEM
Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {C08A5572-83AC-495D-AFED-1683BC8FEAD1}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE:/EXE:{C08A5572-83AC-495D-AFED-1683BC8FEAD1} /F:UpdateSYSTEM
Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
==================== Loaded Modules (whitelisted) ==============
2014-06-16 15:51 - 2013-03-15 05:16 - 00086304 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-07-30 11:59 - 2012-02-21 11:29 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2013-12-06 07:07 - 2013-12-06 07:07 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-05-20 02:38 - 2014-05-20 02:38 - 00340088 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2012-01-10 13:41 - 2013-09-03 13:32 - 00567880 _____ () C:\Program Files (x86)\puush\puush.exe
2012-08-16 04:11 - 2012-08-16 04:11 - 03333632 _____ () C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
2014-04-07 01:24 - 2014-03-07 21:39 - 03168576 _____ () C:\Users\Christoph\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2015-02-27 10:16 - 2015-02-27 10:16 - 00901728 _____ () C:\Users\Christoph\AppData\Roaming\Search Protection\SP.exe
2012-09-02 13:08 - 2012-09-02 13:08 - 00041160 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2012-09-02 13:08 - 2012-09-02 13:08 - 00734408 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2010-12-02 10:56 - 2010-12-02 10:56 - 00815104 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\OSD_Text\OSD_Text.dll
2011-01-09 13:45 - 2011-01-09 13:45 - 00088064 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_MouseDeviceManager.dll
2012-06-14 08:59 - 2012-06-14 08:59 - 02414080 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\ScreenCapture\ScreenCapture.dll
2012-05-17 04:17 - 2012-05-17 04:17 - 01000448 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
2010-09-20 07:18 - 2010-09-20 07:18 - 00085504 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ZoomControl.dll
2010-09-20 07:18 - 2010-09-20 07:18 - 00054272 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ScrollbarControl.dll
2011-04-12 08:14 - 2011-04-12 08:14 - 00063488 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInRight.dll
2010-11-01 13:16 - 2010-11-01 13:16 - 00062976 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInOne.dll
2012-04-27 04:40 - 2012-04-27 04:40 - 00118272 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_Wheel4D.dll
2015-02-06 00:37 - 2015-02-06 00:37 - 16852144 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
2012-07-30 11:59 - 2012-02-21 11:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2001810455-1053792824-432003306-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2001810455-1053792824-432003306-1004\Control Panel\Desktop\\Wallpaper -> %windir%\web\wallpaper\windows\img0.jpg
DNS Servers: 8.8.8.8
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-2001810455-1053792824-432003306-500 - Administrator - Enabled) => C:\Users\Administrator
Christoph (S-1-5-21-2001810455-1053792824-432003306-1000 - Administrator - Enabled) => C:\Users\Christoph
Gast (S-1-5-21-2001810455-1053792824-432003306-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2001810455-1053792824-432003306-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-2001810455-1053792824-432003306-1004 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/07/2015 03:08:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/07/2015 02:26:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT-AUTORITÄT)
Description: Die Namenszeichenfolgenwert für den Leistungsindikator in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.
Error: (03/07/2015 02:21:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GDFwSvcx64.exe, Version: 4.1.14233.221, Zeitstempel: 0x53f54e26
Name des fehlerhaften Moduls: GDFwSvcx64.exe, Version: 4.1.14233.221, Zeitstempel: 0x53f54e26
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005213e
ID des fehlerhaften Prozesses: 0x105c
Startzeit der fehlerhaften Anwendung: 0xGDFwSvcx64.exe0
Pfad der fehlerhaften Anwendung: GDFwSvcx64.exe1
Pfad des fehlerhaften Moduls: GDFwSvcx64.exe2
Berichtskennung: GDFwSvcx64.exe3
Error: (03/07/2015 02:20:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/07/2015 02:17:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3958, Zeitstempel: 0x54256c7d
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3958, Zeitstempel: 0x54256c7d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000ee28
ID des fehlerhaften Prozesses: 0x548
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Error: (03/07/2015 01:17:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT-AUTORITÄT)
Description: Die Namenszeichenfolgenwert für den Leistungsindikator in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.
Error: (03/07/2015 01:16:39 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/07/2015 01:14:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/07/2015 01:14:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GDFwSvcx64.exe, Version: 4.1.14233.221, Zeitstempel: 0x53f54e26
Name des fehlerhaften Moduls: GDFwSvcx64.exe, Version: 4.1.14233.221, Zeitstempel: 0x53f54e26
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005213e
ID des fehlerhaften Prozesses: 0xe58
Startzeit der fehlerhaften Anwendung: 0xGDFwSvcx64.exe0
Pfad der fehlerhaften Anwendung: GDFwSvcx64.exe1
Pfad des fehlerhaften Moduls: GDFwSvcx64.exe2
Berichtskennung: GDFwSvcx64.exe3
Error: (03/06/2015 10:36:14 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT-AUTORITÄT)
Description: Die Namenszeichenfolgenwert für den Leistungsindikator in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.
System errors:
=============
Error: (03/07/2015 02:22:41 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7
Error: (03/07/2015 02:22:41 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: 00x800700b7hxxp://+:10243/WMPNSSv4/2811996591/
Error: (03/07/2015 02:22:41 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7
Error: (03/07/2015 02:22:41 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: 00x800700b7hxxp://+:10243/WMPNSSv4/2811996591/
Error: (03/07/2015 02:19:29 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 07.03.2015 um 14:17:25 unerwartet heruntergefahren.
Error: (03/07/2015 02:17:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet:
%%-2147467259
Error: (03/07/2015 02:17:30 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
GDKBFlt
Error: (03/07/2015 02:16:44 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 07.03.2015 um 14:14:59 unerwartet heruntergefahren.
Error: (03/07/2015 02:14:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 07.03.2015 um 14:14:04 unerwartet heruntergefahren.
Error: (03/07/2015 01:15:38 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7
Microsoft Office Sessions:
=========================
Error: (03/07/2015 03:08:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Christoph\Downloads\esetsmartinstaller_enu.exe
Error: (03/07/2015 02:26:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT-AUTORITÄT)
Description: 16000000005481010055810100600B0000
Error: (03/07/2015 02:21:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GDFwSvcx64.exe4.1.14233.22153f54e26GDFwSvcx64.exe4.1.14233.22153f54e26c0000005000000000005213e105c01d058d980ac3e90C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exeC:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.execeab13f7-c4cc-11e4-93cf-bc5ff436bab1
Error: (03/07/2015 02:20:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/07/2015 02:17:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.395854256c7digfxCUIService.exe6.15.10.395854256c7dc0000005000000000000ee2854801d058d8f9aaeacdC:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exe55731d65-c4cc-11e4-bc85-bc5ff436bab1
Error: (03/07/2015 01:17:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT-AUTORITÄT)
Description: 16000000005481010055810100600B0000
Error: (03/07/2015 01:16:39 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Christoph\Downloads\esetsmartinstaller_enu.exe
Error: (03/07/2015 01:14:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/07/2015 01:14:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GDFwSvcx64.exe4.1.14233.22153f54e26GDFwSvcx64.exe4.1.14233.22153f54e26c0000005000000000005213ee5801d058d022ed4b58C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exeC:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe84bc8fe6-c4c3-11e4-ada7-bc5ff436bab1
Error: (03/06/2015 10:36:14 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT-AUTORITÄT)
Description: 16000000005481010055810100600B0000
CodeIntegrity Errors:
===================================
Date: 2015-03-02 18:55:08.107
Description: Windows konnte die Abbildintegritat der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\igdkmd64.sys" nicht uberprufen, weil der Dateihash nicht im System gefunden wurde. Moglicherweise wurde durch eine kurzlich durchgefuhrte Hardware- oder Softwareanderung eine falsch signierte oder beschadigte Datei oder eine Datei, bei der es sich um schadliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-02 18:55:07.951
Description: Windows konnte die Abbildintegritat der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\igdkmd64.sys" nicht uberprufen, weil der Dateihash nicht im System gefunden wurde. Moglicherweise wurde durch eine kurzlich durchgefuhrte Hardware- oder Softwareanderung eine falsch signierte oder beschadigte Datei oder eine Datei, bei der es sich um schadliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-02 16:51:49.722
Description: Windows konnte die Abbildintegritat der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\igdkmd64.sys" nicht uberprufen, weil der Dateihash nicht im System gefunden wurde. Moglicherweise wurde durch eine kurzlich durchgefuhrte Hardware- oder Softwareanderung eine falsch signierte oder beschadigte Datei oder eine Datei, bei der es sich um schadliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-02 16:51:49.644
Description: Windows konnte die Abbildintegritat der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\igdkmd64.sys" nicht uberprufen, weil der Dateihash nicht im System gefunden wurde. Moglicherweise wurde durch eine kurzlich durchgefuhrte Hardware- oder Softwareanderung eine falsch signierte oder beschadigte Datei oder eine Datei, bei der es sich um schadliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-02 16:46:40.866
Description: Windows konnte die Abbildintegritat der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\igdkmd64.sys" nicht uberprufen, weil der Dateihash nicht im System gefunden wurde. Moglicherweise wurde durch eine kurzlich durchgefuhrte Hardware- oder Softwareanderung eine falsch signierte oder beschadigte Datei oder eine Datei, bei der es sich um schadliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-02 16:46:40.788
Description: Windows konnte die Abbildintegritat der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\igdkmd64.sys" nicht uberprufen, weil der Dateihash nicht im System gefunden wurde. Moglicherweise wurde durch eine kurzlich durchgefuhrte Hardware- oder Softwareanderung eine falsch signierte oder beschadigte Datei oder eine Datei, bei der es sich um schadliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-02 16:20:40.180
Description: Windows konnte die Abbildintegritat der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\igdkmd64.sys" nicht uberprufen, weil der Dateihash nicht im System gefunden wurde. Moglicherweise wurde durch eine kurzlich durchgefuhrte Hardware- oder Softwareanderung eine falsch signierte oder beschadigte Datei oder eine Datei, bei der es sich um schadliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-02 16:20:40.102
Description: Windows konnte die Abbildintegritat der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\igdkmd64.sys" nicht uberprufen, weil der Dateihash nicht im System gefunden wurde. Moglicherweise wurde durch eine kurzlich durchgefuhrte Hardware- oder Softwareanderung eine falsch signierte oder beschadigte Datei oder eine Datei, bei der es sich um schadliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-02 15:52:28.416
Description: Windows konnte die Abbildintegritat der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\igdkmd64.sys" nicht uberprufen, weil der Dateihash nicht im System gefunden wurde. Moglicherweise wurde durch eine kurzlich durchgefuhrte Hardware- oder Softwareanderung eine falsch signierte oder beschadigte Datei oder eine Datei, bei der es sich um schadliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-02 15:52:28.275
Description: Windows konnte die Abbildintegritat der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\igdkmd64.sys" nicht uberprufen, weil der Dateihash nicht im System gefunden wurde. Moglicherweise wurde durch eine kurzlich durchgefuhrte Hardware- oder Softwareanderung eine falsch signierte oder beschadigte Datei oder eine Datei, bei der es sich um schadliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 24%
Total physical RAM: 16270.92 MB
Available physical RAM: 12352.29 MB
Total Pagefile: 32540.02 MB
Available Pagefile: 28272.12 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:160 GB) (Free:13.84 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:771.51 GB) (Free:81.81 GB) NTFS
Drive f: (My Passport) (Fixed) (Total:931.48 GB) (Free:315.75 GB) NTFS
Drive g: (pm-stein) (CDROM) (Total:2.28 GB) (Free:0 GB) CDFS
Drive i: (DRIVE-N-GO) (Fixed) (Total:931.51 GB) (Free:520.57 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DE2CC6FD)
Partition 1: (Active) - (Size=160 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=771.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: CA52B9B9)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 7D8067A8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================ Und FRST.txt
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015 01
Ran by Christoph (administrator) on CHRISTOPH-PC on 07-03-2015 15:09:55
Running from C:\Users\Christoph\Downloads
Loaded Profiles: Christoph & UpdatusUser (Available profiles: Christoph & UpdatusUser & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(www.shadowexplorer.com) C:\Program Files (x86)\ShadowExplorer\sesvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
() C:\Program Files (x86)\puush\puush.exe
() C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
() C:\Users\Christoph\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
() C:\Users\Christoph\AppData\Roaming\Search Protection\SP.exe
(BitTorrent Inc.) C:\Users\Christoph\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Christoph\Downloads\FRST64(1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [309688 2012-10-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-07-10] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5537136 2013-11-02] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191016 2014-05-14] (Geek Software GmbH)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG)
HKLM\...\Winlogon: [Userinit] C:\Windows\System32\Userinit.exe,C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2001810455-1053792824-432003306-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [966072 2012-10-11] (Samsung)
HKU\S-1-5-21-2001810455-1053792824-432003306-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [580096 2012-10-09] (Samsung Electronics)
HKU\S-1-5-21-2001810455-1053792824-432003306-1000\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843208 2012-11-03] (Samsung)
HKU\S-1-5-21-2001810455-1053792824-432003306-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2013-09-03] ()
HKU\S-1-5-21-2001810455-1053792824-432003306-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3333632 2012-08-16] ()
HKU\S-1-5-21-2001810455-1053792824-432003306-1000\...\Run: [Amazon Cloud Player] => C:\Users\Christoph\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-2001810455-1053792824-432003306-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2001810455-1053792824-432003306-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2001810455-1053792824-432003306-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843208 2012-11-03] (Samsung)
HKU\S-1-5-21-2001810455-1053792824-432003306-1000\...\Run: [Search Protection] => C:\Users\Christoph\AppData\Roaming\Search Protection\SP.EXE [901728 2015-02-27] ()
HKU\S-1-5-21-2001810455-1053792824-432003306-1000\...\Run: [uTorrent] => C:\Users\Christoph\AppData\Roaming\uTorrent\uTorrent.exe [1051984 2015-03-07] (BitTorrent Inc.)
HKU\S-1-5-21-2001810455-1053792824-432003306-1000\...\Policies\system: [DisableLockWorkstation] 0
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [250504 2013-03-15] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [205184 2013-03-15] (NVIDIA Corporation)
Startup: C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christoph\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2001810455-1053792824-432003306-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2001810455-1053792824-432003306-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2001810455-1053792824-432003306-1004\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_15_ff&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEtAyC0B0A0BtC0A0Azz0BtN0D0Tzu0SzztAtBtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtAzzyCzzzztA0EtG0D0B0BzytG0FtD0F0DtG0DyEyByDtGyEtAyDtA0EyByDyE0FyDtB0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyCtCyC0ByDyD0BtGyEyD0BtBtGtBtDtBtCtGzz0C0C0CtGyCtCtCyCzy0BtBtC0FyDtDyE2Q&cr=1745046569&ir=
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-2001810455-1053792824-432003306-1000 -> DefaultScope {669DCF8C-6CB2-4C40-BBF5-FE948542B767} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=242154&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2001810455-1053792824-432003306-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKU\S-1-5-21-2001810455-1053792824-432003306-1000 -> {669DCF8C-6CB2-4C40-BBF5-FE948542B767} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=242154&p={searchTerms}
BHO: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\Christoph\AppData\Roaming\Browser Extensions\Coupons64.dll (S p i g o t, I n c .)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ATLAS Toolbar -> {3C6301ED-0F78-4AF2-8150-D9C052361A8E} -> C:\Program Files (x86)\ATLAS V14\ATLIECP.DLL (FUJITSU LIMITED)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - ATLAS Toolbar - {3C6301ED-0F78-4AF2-8150-D9C052361A8E} - C:\Program Files (x86)\ATLAS V14\ATLIECP.DLL (FUJITSU LIMITED)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{B0C7E6B8-57C9-4D8E-BBA1-51AE72F78CD9}: [NameServer] 8.8.8.8
FireFox:
========
FF ProfilePath: C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\8pd685pl.Teste
FF SelectedSearchEngine: Yahoo!
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=242154&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2001810455-1053792824-432003306-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10174.dll (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-2001810455-1053792824-432003306-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\tclm7k0f.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\8pd685pl.Teste\searchplugins\yahoo_ff.xml
FF Extension: Avira Browser Safety - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\tclm7k0f.default\Extensions\abs@avira.com [2014-08-05]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\tclm7k0f.default\Extensions\ich@maltegoetz.de [2013-12-13]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\tclm7k0f.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7} [2013-12-06]
FF Extension: Start Page - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\tclm7k0f.default\Extensions\{32da2f20-827d-40aa-a3b4-2fc4a294352e} [2014-09-16]
FF Extension: Slick Savings - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\tclm7k0f.default\Extensions\{46eddf51-a4f6-4476-8d6c-31c5187b2a2f} [2014-09-16]
FF Extension: Amazon Shopping Assistant by Spigot - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\tclm7k0f.default\Extensions\{84a93d51-b7a9-431e-8ff8-d60e5d7f5df1} [2014-09-16]
FF Extension: DownloadHelper - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\tclm7k0f.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: Ebay Shopping Assistant by Spigot - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\tclm7k0f.default\Extensions\{f894a29a-f065-40c3-bb19-da6057778493} [2014-09-16]
FF Extension: MEGA EXTENSION - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\tclm7k0f.default\Extensions\firefox@mega.co.nz.xpi [2013-03-13]
FF Extension: Adblock Plus - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\tclm7k0f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-07]
FF Extension: Manga Fetcher - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\8pd685pl.Teste\Extensions\mfetcher@gmx.net [2014-09-11]
FF Extension: Rikaichan Japanese-German Dictionary File - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\8pd685pl.Teste\Extensions\rikaichan-jpde@polarcloud.com [2014-07-15]
FF Extension: Rikaichan - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\8pd685pl.Teste\Extensions\{0AA9101C-D3C1-4129-A9B7-D778C6A17F82} [2014-07-15]
FF Extension: FireShot - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\8pd685pl.Teste\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2015-02-24]
FF Extension: DownloadHelper - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\8pd685pl.Teste\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: FlashDisable - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\8pd685pl.Teste\Extensions\jid0-bbA9VAawX3LMWDu668aUDrpQVXU@jetpack.xpi [2015-01-17]
FF Extension: No Name - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\8pd685pl.Teste\Extensions\jid1-7NbXi2AqS1oUFw@jetpack.xpi [2014-04-06]
FF Extension: ProxTube - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\8pd685pl.Teste\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2014-07-31]
FF Extension: No Name - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\8pd685pl.Teste\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-29]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-03-05]
Chrome:
=======
CHR HomePage: Default -> https://de.search.yahoo.com/?type=242154&fr=yo-yhp-ch
CHR StartupUrls: Default -> "https://de.search.yahoo.com/?type=242154&fr=yo-yhp-ch"
CHR DefaultSearchKeyword: Default -> yahoo.com search
CHR DefaultSearchURL: Default -> https://de.search.yahoo.com/search?fr=chr-yo_gc&ei=utf-8&ilc=12&type=242154&p={searchTerms}
CHR DefaultSuggestURL: Default -> https://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR Profile: C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-06]
CHR Extension: (Google Drive) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-19]
CHR Extension: (YouTube) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-06]
CHR Extension: (Google Search) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-06]
CHR Extension: (Google Wallet) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-06]
CHR Extension: (Gmail) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-06]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-10-14] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [782208 2015-01-16] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-16] (Seiko Epson Corporation)
R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3228136 2014-08-21] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-12-06] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP3a\RpcAgentSrv.exe [71832 2009-04-22] (SiSoftware) [File not signed]
R2 sesvc; C:\Program Files (x86)\ShadowExplorer\sesvc.exe [9216 2013-01-02] (www.shadowexplorer.com) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2014-12-28] (Microsoft Corporation) [File not signed]
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-11-02] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-11-02] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-13] (Disc Soft Ltd)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-12-15] (G Data Software AG)
R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-01-15] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-12-15] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-12-15] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64512 2015-03-03] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2015-03-03] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-12-15] (G Data Software AG)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [239104 2013-01-30] (Huawei Technologies Co., Ltd.)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-07-19] ()
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-09] (Malwarebytes Corporation)
S3 AsrCDDrv; \??\C:\Windows\SysWOW64\Drivers\AsrCDDrv.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-07 14:54 - 2015-03-07 14:54 - 02092544 _____ (Farbar) C:\Users\Christoph\Downloads\FRST64(1).exe
2015-03-07 14:13 - 2015-03-07 14:13 - 695185348 _____ () C:\Windows\MEMORY.DMP
2015-03-07 13:07 - 2015-03-07 13:10 - 00004169 _____ () C:\Users\Christoph\Desktop\magnets.txt
2015-03-06 00:46 - 2015-03-06 00:46 - 00017858 _____ () C:\Users\Christoph\Downloads\[DeadFish] Akatsuki no Yona - 14 [720p][AAC].mp4.torrent
2015-03-05 22:42 - 2015-03-05 22:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-05 16:19 - 2015-03-05 16:20 - 00000000 ____D () C:\Users\Christoph\Downloads\Dame - Auf die guten alten Zeiten [Official HD Video]
2015-03-05 14:08 - 2015-03-05 14:52 - 63463424 _____ () C:\Users\Christoph\Downloads\EpicGamesLauncherInstaller-2.0.1-2467307.msi
2015-03-03 20:38 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-03 20:38 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-03 20:38 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-03 20:38 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-03-03 15:39 - 2015-03-03 15:42 - 06208736 _____ (Tim Kosse) C:\Users\Christoph\Downloads\FileZilla_3.10.2_win32-setup.exe
2015-03-03 10:22 - 2015-03-03 10:22 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2015-03-03 10:22 - 2015-03-03 10:22 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2015-03-03 10:19 - 2015-03-03 10:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2015-03-03 09:40 - 2015-03-03 09:40 - 00000144 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-03-02 23:46 - 2015-03-07 14:19 - 00000000 ____D () C:\Windows\SysWOW64\NV
2015-03-02 23:46 - 2015-03-07 14:19 - 00000000 ____D () C:\Windows\system32\NV
2015-03-02 23:46 - 2015-03-02 23:46 - 00000451 _____ () C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-03-02 23:11 - 2015-03-02 23:11 - 01363456 _____ (Björn Bastian) C:\Users\Christoph\Downloads\USB-Fehlerbehebung_2.2.exe
2015-03-02 18:46 - 2015-03-02 18:52 - 00000000 ____D () C:\Users\Christoph\Downloads\usblogview
2015-03-02 18:46 - 2015-03-02 18:46 - 00208537 _____ () C:\Users\Christoph\Downloads\usblogview.zip
2015-03-02 16:50 - 2015-03-02 16:50 - 00002253 _____ () C:\Users\Administrator\Desktop\Google Chrome.lnk
2015-03-02 16:50 - 2015-03-02 16:50 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2015-03-02 16:42 - 2015-03-02 17:29 - 00000000 ____D () C:\Users\Christoph\Downloads\usbdeview-x64
2015-03-02 16:42 - 2015-03-02 16:42 - 00108330 _____ () C:\Users\Christoph\Downloads\usbdeview-x64.zip
2015-02-28 20:58 - 2015-02-28 20:58 - 00000222 _____ () C:\Users\Christoph\Desktop\Influent.url
2015-02-28 13:33 - 2015-02-28 13:33 - 00021314 _____ () C:\Users\Christoph\Downloads\[Fuwanovel] Lonely Yuri.torrent
2015-02-27 21:37 - 2015-02-27 21:37 - 00000000 ____D () C:\Users\Christoph\AppData\Local\Steam
2015-02-26 00:50 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-26 00:50 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-24 23:20 - 2015-02-24 23:20 - 00025138 _____ () C:\Users\Christoph\Downloads\[DeadFish] Koufuku Graffiti - 07 [720p][AAC].mp4.torrent
2015-02-24 23:19 - 2015-02-24 23:19 - 00024772 _____ () C:\Users\Christoph\Downloads\[DeadFish] Dog Days'' - 07 [720p][AAC].mp4.torrent
2015-02-24 23:18 - 2015-02-24 23:18 - 00028267 _____ () C:\Users\Christoph\Downloads\[DeadFish] Shinmai Maou no Testament - 07 [720p][AAC].mp4.torrent
2015-02-24 23:18 - 2015-02-24 23:18 - 00025738 _____ () C:\Users\Christoph\Downloads\[DeadFish] Akatsuki no Yona - 19 [720p][AAC].mp4.torrent
2015-02-24 23:18 - 2015-02-24 23:18 - 00019150 _____ () C:\Users\Christoph\Downloads\[DeadFish] Saenai Heroine no Sodatekata - 06 [720p][AAC].mp4.torrent
2015-02-24 23:17 - 2015-02-24 23:17 - 00032958 _____ () C:\Users\Christoph\Downloads\[DeadFish] JoJo no Kimyou na Bouken_ Stardust Crusaders - Egypt Hen - 07 [720p][AAC].mp4.torrent
2015-02-24 23:17 - 2015-02-24 23:17 - 00023538 _____ () C:\Users\Christoph\Downloads\[DeadFish] Bishoujo Senshi Sailor Moon_ Crystal - 16 [720p][AAC].mp4.torrent
2015-02-24 23:16 - 2015-02-24 23:16 - 00018745 _____ () C:\Users\Christoph\Downloads\[DeadFish] Shigatsu wa Kimi no Uso - 18 [720p][AAC].mp4.torrent
2015-02-24 19:59 - 2015-02-24 19:59 - 00000090 _____ () C:\Users\Christoph\Desktop\mirai.txt
2015-02-23 13:19 - 2015-02-23 13:19 - 00715796 _____ () C:\Users\Christoph\Downloads\MKVExtractGUI-2.2.2.8.zip
2015-02-23 13:19 - 2015-02-23 13:19 - 00000000 ____D () C:\Users\Christoph\Downloads\MKVExtractGUI-2.2.2.8
2015-02-22 16:15 - 2015-02-22 16:15 - 00037691 _____ () C:\Users\Christoph\Downloads\[Fuwanovel] Tsukihime.torrent
2015-02-22 16:15 - 2015-02-22 16:15 - 00023675 _____ () C:\Users\Christoph\Downloads\[Fuwanovel] Tsukihime Plus Disc.torrent
2015-02-22 13:06 - 2015-02-22 13:06 - 00041519 _____ () C:\Users\Christoph\Downloads\[Fuwanovel] A Kiss for the Petals Sweet Grownup Kisses.torrent
2015-02-22 13:05 - 2015-02-22 13:05 - 00046797 _____ () C:\Users\Christoph\Downloads\[Fuwanovel] A Kiss for the Petals PetalColored Angel.torrent
2015-02-22 13:05 - 2015-02-22 13:05 - 00041377 _____ () C:\Users\Christoph\Downloads\[Fuwanovel] A Kiss For The Petals Sweet Enchanting Kisses.torrent
2015-02-22 13:05 - 2015-02-22 13:05 - 00034845 _____ () C:\Users\Christoph\Downloads\[Fuwanovel] A Kiss For The Petals The Joy Of Loving You.torrent
2015-02-22 13:05 - 2015-02-22 13:05 - 00032354 _____ () C:\Users\Christoph\Downloads\[Fuwanovel] A Kiss for the Petals Whisper With A Kiss.torrent
2015-02-22 13:05 - 2015-02-22 13:05 - 00028349 _____ () C:\Users\Christoph\Downloads\[Fuwanovel] A Kiss For The Petals Joined In Love With You.torrent
2015-02-22 13:05 - 2015-02-22 13:05 - 00016697 _____ () C:\Users\Christoph\Downloads\[Fuwanovel] A Kiss For The Petals Beloved Photograph.torrent
2015-02-22 13:04 - 2015-02-22 13:04 - 00030340 _____ () C:\Users\Christoph\Downloads\[Fuwanovel] A Kiss For The Petals My Dear Prince.torrent
2015-02-22 12:58 - 2015-02-22 12:58 - 00016524 _____ () C:\Users\Christoph\Downloads\[Fuwanovel] Fate Hollow Ataraxia.torrent
2015-02-21 22:45 - 2015-02-21 22:45 - 00026518 _____ () C:\Users\Christoph\Downloads\[Fuwanovel] Wind A Breath of Heart Regratitude(1).torrent
2015-02-21 22:43 - 2015-02-21 22:43 - 00026518 _____ () C:\Users\Christoph\Downloads\[Fuwanovel] Wind A Breath of Heart Regratitude.torrent
2015-02-21 21:29 - 2015-03-05 16:20 - 00000000 ____D () C:\Users\Christoph\Downloads\[YinYang-Subs]Tokyo Ravens - 12-(720p x264 AAC)(8 Bit)
2015-02-21 20:14 - 2015-02-21 21:29 - 00000000 ____D () C:\Users\Christoph\Downloads\[YinYang-Subs]Tokyo Ravens - 13-(720p x264 AAC)(8 Bit - Softsub)
2015-02-21 17:55 - 2015-02-21 20:14 - 00000000 ____D () C:\Users\Christoph\Downloads\[YinYang-Subs]Tokyo Ravens - 11-(720p x264 AAC)(8 Bit)
2015-02-21 15:58 - 2015-02-21 17:55 - 00000000 ____D () C:\Users\Christoph\Downloads\[YinYang-Subs]Tokyo Ravens - 10-(720p x264 AAC)(8 Bit)
2015-02-21 10:21 - 2015-02-21 15:58 - 00000000 ____D () C:\Users\Christoph\Downloads\[YinYang-Subs]Tokyo Ravens - 09-(720p x264 AAC)(8 Bit)
2015-02-21 10:14 - 2015-02-21 10:18 - 00000000 ____D () C:\Users\Christoph\Downloads\[YinYang-Subs]Tokyo Ravens - 01-(720p x264 AAC)[8 Bit]
2015-02-21 00:09 - 2015-02-21 00:59 - 139061960 _____ () C:\Users\Christoph\Downloads\[YinYang-Subs]Tokyo Ravens - 09-(720p x264 AAC)(8 Bit).mp4.part
2015-02-19 23:34 - 2015-02-20 18:22 - 351114264 _____ () C:\Users\Christoph\Downloads\[YY-S]_Tokyo_Ravens_-_7.mp4
2015-02-19 23:23 - 2015-02-21 00:09 - 287466475 _____ () C:\Users\Christoph\Downloads\[YinYang-Subs]Tokyo Ravens - 08-(720p x264 AAC)(8 Bit).mp4
2015-02-19 20:09 - 2015-02-19 23:23 - 457882993 _____ () C:\Users\Christoph\Downloads\[YY-S] Tokyo Ravens - 22.mp4
2015-02-19 11:22 - 2015-02-19 23:31 - 351114264 _____ () C:\Users\Christoph\Downloads\[YY-S] Tokyo Ravens - 07.mp4
2015-02-18 15:18 - 2015-02-18 15:19 - 00000026 _____ () C:\Users\Christoph\Desktop\Neues Textdokument (3).txt
2015-02-16 16:12 - 2015-02-19 03:37 - 292248901 _____ () C:\Users\Christoph\Downloads\[YinYang-Subs]Tokyo_Ravens_-_06-(720p_x264__AAC)(8_Bit).mp4
2015-02-15 14:14 - 2015-02-15 14:14 - 00002134 _____ () C:\Users\Christoph\Desktop\All in One Runtimes - CHIP Downloader.lnk
2015-02-15 13:58 - 2015-02-15 13:58 - 00010736 _____ () C:\Windows\unins000.dat
2015-02-15 13:58 - 2015-02-15 13:56 - 01198049 _____ () C:\Windows\unins000.exe
2015-02-15 13:58 - 2014-06-05 08:07 - 01177088 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2015-02-15 13:58 - 2014-06-05 08:07 - 00271360 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2015-02-15 13:58 - 2014-06-05 08:07 - 00271360 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\libssl32.dll
2015-02-15 13:58 - 2014-06-01 19:53 - 00460104 _____ (AutoIt Team) C:\Windows\SysWOW64\autoitx3.dll
2015-02-15 13:58 - 2014-01-25 14:30 - 00131072 _____ (Sereby Corporation) C:\Windows\SysWOW64\AiORuntimes.dll
2015-02-15 13:58 - 2013-12-20 01:48 - 00444328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshflxgd.ocx
2015-02-15 13:58 - 2013-12-20 01:48 - 00416408 _____ (Microsoft Corporation ) C:\Windows\SysWOW64\comct332.ocx
2015-02-15 13:58 - 2013-12-20 01:48 - 00279192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatgrd.ocx
2015-02-15 13:58 - 2013-12-20 01:48 - 00259736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msflxgrd.ocx
2015-02-15 13:58 - 2013-12-20 01:48 - 00253080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatlst.ocx
2015-02-15 13:58 - 2013-12-20 01:48 - 00219288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2015-02-15 13:58 - 2013-12-20 01:48 - 00218776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dblist32.ocx
2015-02-15 13:58 - 2013-12-20 01:48 - 00212112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mci32.ocx
2015-02-15 13:58 - 2013-12-20 01:48 - 00179352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmask32.ocx
2015-02-15 13:58 - 2013-12-20 01:48 - 00170920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comct232.ocx
2015-02-15 13:58 - 2013-12-20 01:48 - 00131728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx
2015-02-15 13:58 - 2013-12-20 01:48 - 00130712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstdfmt.dll
2015-02-15 13:58 - 2013-12-20 01:48 - 00127640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswinsck.ocx
2015-02-15 13:58 - 2013-12-20 01:48 - 00119960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomm32.ocx
2015-02-15 13:58 - 2013-12-20 01:48 - 00108696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstkprp.dll
2015-02-15 13:58 - 2013-12-20 01:48 - 00104088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\picclp32.ocx
2015-02-15 13:58 - 2013-12-20 01:48 - 00084624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysinfo.ocx
2015-02-15 13:58 - 2013-08-31 21:40 - 03115385 _____ (Red Hat) C:\Windows\SysWOW64\cygwin1.dll
2015-02-15 13:58 - 2012-06-14 15:36 - 00107520 _____ () C:\Windows\SysWOW64\zlib1.dll
2015-02-15 13:58 - 2012-04-03 17:11 - 00138752 _____ () C:\Windows\SysWOW64\libpng15.dll
2015-02-15 13:58 - 2011-10-12 04:09 - 04033440 _____ (Intel Corporation) C:\Windows\SysWOW64\libmmd.dll
2015-02-15 13:58 - 2011-01-12 14:36 - 01054208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll
2015-02-15 13:58 - 2011-01-12 14:25 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71DEU.dll
2015-02-15 13:58 - 2011-01-12 14:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71ITA.dll
2015-02-15 13:58 - 2011-01-12 14:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71FRA.dll
2015-02-15 13:58 - 2011-01-12 14:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71ESP.dll
2015-02-15 13:58 - 2011-01-12 14:25 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71ENU.dll
2015-02-15 13:58 - 2011-01-12 14:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71KOR.dll
2015-02-15 13:58 - 2011-01-12 14:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71JPN.dll
2015-02-15 13:58 - 2011-01-12 14:25 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71CHT.dll
2015-02-15 13:58 - 2011-01-12 14:25 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71CHS.dll
2015-02-15 13:58 - 2011-01-12 14:19 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2015-02-15 13:58 - 2011-01-12 13:53 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll
2015-02-15 13:58 - 2010-06-27 18:44 - 00053248 _____ (Adobe Systems, Incorporated) C:\Windows\system\plugin.dll
2015-02-15 13:58 - 2010-03-18 21:21 - 00799568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdia100.dll
2015-02-15 13:58 - 2008-08-26 07:40 - 00162304 _____ () C:\Windows\SysWOW64\libpng13.dll
2015-02-15 13:58 - 2008-03-14 18:21 - 01008128 _____ (GnuWin32 <hxxp://gnuwin32.sourceforge.net>) C:\Windows\SysWOW64\libiconv2.dll
2015-02-15 13:58 - 2007-01-30 23:04 - 00339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2015-02-15 13:58 - 2006-08-26 01:28 - 01017344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70u.dll
2015-02-15 13:58 - 2006-08-26 01:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70ITA.dll
2015-02-15 13:58 - 2006-08-26 01:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70FRA.dll
2015-02-15 13:58 - 2006-08-26 01:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70ESP.dll
2015-02-15 13:58 - 2006-08-26 01:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70DEU.dll
2015-02-15 13:58 - 2006-08-26 01:15 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70ENU.dll
2015-02-15 13:58 - 2006-08-26 01:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70KOR.dll
2015-02-15 13:58 - 2006-08-26 01:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70JPN.dll
2015-02-15 13:58 - 2006-08-26 01:15 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70CHT.dll
2015-02-15 13:58 - 2006-08-26 01:15 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70CHS.dll
2015-02-15 13:58 - 2006-08-26 01:07 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70.dll
2015-02-15 13:58 - 2006-08-26 00:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl70.dll
2015-02-15 13:58 - 2005-05-06 14:52 - 00103424 _____ (GNU <www.gnu.org>) C:\Windows\SysWOW64\libintl3.dll
2015-02-15 13:58 - 2005-01-20 20:25 - 00054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvci70.dll
2015-02-15 13:58 - 2002-01-05 06:40 - 00487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp70.dll
2015-02-15 13:58 - 1996-01-12 04:00 - 00935632 _____ (Microsoft Corporation) C:\Windows\system\vb40016.dll
2015-02-15 13:58 - 1994-11-17 14:00 - 00210944 _____ () C:\Windows\system\msvcrt10.dll
2015-02-15 13:58 - 1993-05-11 20:00 - 00398416 _____ (Microsoft Corporation) C:\Windows\system\vbrun300.dll
2015-02-15 13:58 - 1992-10-21 01:00 - 00356992 _____ (Microsoft Corporation) C:\Windows\system\vbrun200.dll
2015-02-15 13:58 - 1991-05-10 02:00 - 00271264 _____ () C:\Windows\system\vbrun100.dll
2015-02-15 13:48 - 2015-02-15 13:48 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-02-15 13:47 - 2015-02-15 13:47 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-15 13:23 - 2015-02-15 13:23 - 01203488 _____ () C:\Users\Christoph\Downloads\All in One Runtimes - CHIP-Installer.exe
2015-02-15 03:57 - 2015-02-15 03:57 - 00000222 _____ () C:\Users\Christoph\Desktop\Go! Go! Nippon! ~My First Trip to Japan~.url
2015-02-15 03:54 - 2015-02-15 14:23 - 00000842 _____ () C:\Users\Christoph\Desktop\NeptuniaReBirth1.exe - Verknüpfung.lnk
2015-02-15 03:02 - 2015-02-15 03:02 - 00000000 ____D () C:\ProgramData\Steam
2015-02-14 17:28 - 2015-03-03 15:43 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\FileZilla
2015-02-14 17:27 - 2015-02-14 17:27 - 00000000 ____D () C:\Users\Christoph\Downloads\filezilla_3.10.1.1_win32
2015-02-14 17:23 - 2015-02-14 17:27 - 09498456 _____ () C:\Users\Christoph\Downloads\filezilla_3.10.1.1_win32.zip
2015-02-14 16:26 - 2015-02-14 16:33 - 00000000 ____D () C:\Users\Christoph\Downloads\winscp556setup
2015-02-14 03:50 - 2015-02-16 16:12 - 279979903 _____ () C:\Users\Christoph\Downloads\[YinYang-Subs]Tokyo_Ravens_-_05-(720p_x264__AAC)(8_Bit).mp4
2015-02-14 03:50 - 2015-02-14 15:01 - 261714515 _____ () C:\Users\Christoph\Downloads\[YinYang-Subs]Tokyo Ravens - 04-(720p x264 AAC)(8 Bit).mp4
2015-02-14 03:48 - 2015-02-14 03:48 - 00002171 _____ () C:\Users\Christoph\Desktop\JDownloader 2.lnk
2015-02-14 03:48 - 2015-02-14 03:48 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-02-14 03:31 - 2015-03-05 16:25 - 00000000 ____D () C:\Users\Christoph\AppData\Local\JDownloader 2.0
2015-02-14 03:14 - 2015-02-14 03:14 - 00000000 ____D () C:\Users\Christoph\Downloads\Humble_VanentinesDay_Cards
2015-02-14 02:05 - 2015-02-14 02:16 - 26816094 _____ () C:\Users\Christoph\Downloads\Humble_VanentinesDay_Cards.zip
2015-02-13 18:43 - 2015-02-14 05:34 - 366756189 _____ () C:\Users\Christoph\Downloads\[YinYang-Subs]_Tokyo_Ravens_-_03.mp4
2015-02-13 14:22 - 2015-02-13 18:43 - 376518273 _____ () C:\Users\Christoph\Downloads\[YinYang-Subs]Tokyo_Ravens_-_02-(720p_x264__AAC)(8_Bit).mp4
2015-02-13 12:07 - 2015-02-13 13:16 - 164042310 _____ () C:\Users\Christoph\Downloads\www.eliteanimes.com_[No]Da_Capo_if_-_02(XviD)[F36F6EC8].avi
2015-02-13 08:43 - 2015-02-13 12:07 - 184385536 _____ () C:\Users\Christoph\Downloads\www.eliteanimes.com_[No]Da_Capo_if_-_01(XviD)[DC32D2A2].avi
2015-02-11 09:30 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 09:30 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 09:30 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 09:30 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 09:30 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 09:30 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 09:30 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 09:30 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 09:30 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 09:30 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 09:30 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 09:30 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 09:30 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 09:30 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 09:30 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 09:30 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 09:30 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 09:30 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 09:19 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 09:19 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 09:19 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 09:19 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 09:19 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 09:19 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 09:19 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 09:16 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 09:16 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 09:16 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 09:16 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 09:16 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 09:16 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 09:16 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 09:16 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 09:16 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 09:12 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 09:12 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 09:12 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 09:12 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 09:12 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 09:12 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 09:11 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 09:11 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 09:11 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 09:11 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 09:11 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-07 00:50 - 2015-02-07 00:51 - 24182127 _____ () C:\Users\Christoph\Downloads\[URW]_Chuunibyou_demo_Koi_ga_Shitai!_Lite_-_06_[22CDD48F].mkv
2015-02-07 00:43 - 2015-02-07 00:46 - 26061354 _____ () C:\Users\Christoph\Downloads\[URW]_Chuunibyou_demo_Koi_ga_Shitai!_Lite_-_05_[CE0DBBDD].mkv
2015-02-07 00:34 - 2015-02-07 00:46 - 24276997 _____ () C:\Users\Christoph\Downloads\[URW]_Chuunibyou_demo_Koi_ga_Shitai!_Lite_-_04_[3BBFA608].mkv
2015-02-07 00:26 - 2015-02-07 00:46 - 26580394 _____ () C:\Users\Christoph\Downloads\[URW]_Chuunibyou_demo_Koi_ga_Shitai!_Lite_-_03_[B239612B].mkv
2015-02-07 00:15 - 2015-02-07 00:15 - 24428202 _____ () C:\Users\Christoph\Downloads\[URW]_Chuunibyou_demo_Koi_ga_Shitai!_Lite_-_02_[90DD7FA3].mkv
2015-02-07 00:07 - 2015-02-07 00:14 - 24075110 _____ () C:\Users\Christoph\Downloads\[URW]_Chuunibyou_Demo_Koi_ga_Shitai!_Lite_-_01_[E8C17E9A].mkv
2015-02-06 00:45 - 2015-02-06 00:45 - 00031359 _____ () C:\Users\Christoph\AppData\Local\recently-used.xbel
2015-02-06 00:15 - 2015-02-13 14:22 - 207926204 _____ () C:\Users\Christoph\Downloads\[YinYang-Subs]Tokyo_Ravens_-_01-(720p_x264__AAC)[8_Bit].mp4
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-07 15:10 - 2014-03-28 10:53 - 00000000 ____D () C:\FRST
2015-03-07 15:09 - 2014-03-28 10:54 - 00030137 _____ () C:\Users\Christoph\Downloads\FRST.txt
2015-03-07 15:09 - 2012-11-22 23:35 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\NetSpeedMonitor
2015-03-07 15:06 - 2013-02-21 18:41 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\uTorrent
2015-03-07 15:05 - 2012-12-01 00:29 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\Skype
2015-03-07 14:35 - 2012-07-16 11:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-07 14:27 - 2009-07-14 05:45 - 00028944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-07 14:27 - 2009-07-14 05:45 - 00028944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-07 14:23 - 2012-07-12 16:42 - 01914316 _____ () C:\Windows\WindowsUpdate.log
2015-03-07 14:21 - 2013-12-25 11:55 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2015-03-07 14:20 - 2014-07-01 10:35 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-07 14:19 - 2012-07-30 12:00 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-03-07 14:19 - 2012-07-16 10:02 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-07 14:19 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-07 14:19 - 2009-07-14 05:51 - 00140643 _____ () C:\Windows\setupact.log
2015-03-07 14:18 - 2014-07-01 10:35 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-07 14:17 - 2014-09-20 00:17 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-215 217 Series Update {5B557CE1-4321-4890-B411-4403944F2B02}.job
2015-03-07 14:17 - 2014-09-20 00:17 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {5B557CE1-4321-4890-B411-4403944F2B02}.job
2015-03-07 14:13 - 2010-11-21 04:47 - 00414628 _____ () C:\Windows\PFRO.log
2015-03-07 13:19 - 2014-09-20 00:19 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-215 217 Series Update {C08A5572-83AC-495D-AFED-1683BC8FEAD1}.job
2015-03-07 13:19 - 2014-09-20 00:19 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {C08A5572-83AC-495D-AFED-1683BC8FEAD1}.job
2015-03-07 12:32 - 2012-08-07 19:16 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\vlc
2015-03-06 17:47 - 2012-07-30 12:00 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-03-06 10:31 - 2014-03-29 00:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-06 10:12 - 2009-07-14 05:45 - 00306840 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-06 00:50 - 2012-07-16 10:03 - 00068824 _____ () C:\Users\Christoph\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-05 16:26 - 2012-08-07 21:41 - 00000000 ____D () C:\Users\Christoph\dwhelper
2015-03-05 15:04 - 2012-07-12 17:28 - 00281503 _____ () C:\Windows\DirectX.log
2015-03-05 08:44 - 2013-05-04 09:08 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-04 09:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-03-03 13:04 - 2014-09-15 13:57 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\Browser Extensions
2015-03-03 12:43 - 2014-12-31 10:50 - 00003304 _____ () C:\Users\Christoph\Desktop\PC.txt
2015-03-03 10:19 - 2015-01-15 00:08 - 00001984 _____ () C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2015-03-03 10:18 - 2014-12-15 23:38 - 00064512 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2015-03-03 10:18 - 2013-12-25 11:54 - 00032186 _____ () C:\Windows\DPINST.LOG
2015-03-02 23:47 - 2012-07-12 17:31 - 00000000 ____D () C:\Users\Christoph
2015-03-02 23:44 - 2012-07-30 11:59 - 00000000 ____D () C:\Program Files\Intel
2015-03-02 16:50 - 2012-10-11 10:07 - 00001427 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-02 16:50 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-02-25 10:31 - 2015-01-14 11:06 - 00000194 _____ () C:\Users\Christoph\Desktop\zahlungen.txt
2015-02-24 03:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-23 11:13 - 2013-02-23 23:55 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\Aegisub
2015-02-20 10:10 - 2013-04-27 00:43 - 00120832 ___SH () C:\Users\Christoph\Thumbs.db
2015-02-16 03:00 - 2014-02-15 03:09 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-15 14:39 - 2012-08-07 19:22 - 00000000 ____D () C:\Users\Christoph\.gimp-2.8
2015-02-15 13:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system
2015-02-15 13:56 - 2012-07-16 12:27 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2015-02-15 13:56 - 2012-07-16 11:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-02-15 13:47 - 2013-05-04 13:02 - 00000000 ____D () C:\Program Files\Java
2015-02-15 13:47 - 2013-03-12 09:13 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-15 03:02 - 2012-08-12 11:37 - 00000000 ____D () C:\Users\Christoph\Documents\My Games
2015-02-14 03:00 - 2014-07-18 23:04 - 00001108 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-02-14 00:12 - 2013-04-05 22:41 - 00000000 ____D () C:\Users\Christoph\AppData\Roaming\TS3Client
2015-02-13 18:10 - 2014-11-28 12:36 - 00000000 ____D () C:\Users\Christoph\AppData\Local\Skyrim
2015-02-13 18:03 - 2014-11-28 13:00 - 00000000 ____D () C:\Users\Christoph\Documents\Nexus Mod Manager
2015-02-12 19:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-12 03:12 - 2014-12-11 07:55 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 03:12 - 2014-05-07 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-08 10:36 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-06 19:13 - 2014-07-01 10:35 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-06 19:13 - 2014-07-01 10:35 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-06 00:37 - 2012-07-16 11:36 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-06 00:37 - 2012-07-16 11:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-06 00:37 - 2012-07-16 11:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
==================== Files in the root of some directories =======
2013-03-01 10:38 - 2013-03-09 00:39 - 0002298 _____ () C:\Users\Christoph\AppData\Roaming\ASSDraw3.cfg
2014-12-15 23:38 - 2014-12-15 23:38 - 0000000 _____ () C:\Users\Christoph\AppData\Roaming\gdfw.log
2014-12-15 23:38 - 2014-12-15 23:38 - 0000779 _____ () C:\Users\Christoph\AppData\Roaming\gdscan.log
2013-04-28 15:45 - 2013-12-16 14:15 - 13492224 _____ () C:\Users\Christoph\AppData\Roaming\Sandra.mdb
2014-04-12 03:48 - 2014-04-12 03:48 - 0000044 _____ () C:\Users\Christoph\AppData\Roaming\WB.CFG
2015-02-06 00:45 - 2015-02-06 00:45 - 0031359 _____ () C:\Users\Christoph\AppData\Local\recently-used.xbel
Some content of TEMP:
====================
C:\Users\Christoph\AppData\Local\Temp\avgnt.exe
C:\Users\Christoph\AppData\Local\Temp\drm_dyndata_7380015.dll
C:\Users\Christoph\AppData\Local\Temp\EAD1860.exe
C:\Users\Christoph\AppData\Local\Temp\EAD6576.exe
C:\Users\Christoph\AppData\Local\Temp\EADC189.exe
C:\Users\Christoph\AppData\Local\Temp\EADD622.exe
C:\Users\Christoph\AppData\Local\Temp\EADF16F.exe
C:\Users\Christoph\AppData\Local\Temp\fileutil.dll
C:\Users\Christoph\AppData\Local\Temp\i4jdel0.exe
C:\Users\Christoph\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Christoph\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Christoph\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Christoph\AppData\Local\Temp\mirc732.exe
C:\Users\Christoph\AppData\Local\Temp\Nexus Mod Manager-0.53.2.exe
C:\Users\Christoph\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Christoph\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Christoph\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Christoph\AppData\Local\Temp\nvStInst.exe
C:\Users\Christoph\AppData\Local\Temp\proxy_vole7457242831514053379.dll
C:\Users\Christoph\AppData\Local\Temp\Quarantine.exe
C:\Users\Christoph\AppData\Local\Temp\SDuninst.exe
C:\Users\Christoph\AppData\Local\Temp\SearchProtectionSetup.exe
C:\Users\Christoph\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Christoph\AppData\Local\Temp\sonarinst.exe
C:\Users\Christoph\AppData\Local\Temp\UninstallEADM.dll
C:\Users\Christoph\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Christoph\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\Christoph\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\Christoph\AppData\Local\Temp\vlc-2.1.1-win32.exe
C:\Users\Christoph\AppData\Local\Temp\vlc-2.1.2-win32.exe
C:\Users\Christoph\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\Christoph\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\Christoph\AppData\Local\Temp\{3F613B63-973B-4427-8397-4AD8AED28425}-38.0.2125.104_37.0.2062.124_chrome_updater.exe
Some zero byte size files/folders:
==========================
C:\Windows\System32\regsvr32.exe
C:\Windows\System32\sdiageng.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-05 10:16
==================== End Of Log ============================ --- --- ---
Mittlerweile sind übrigens auch noch zwei andere Symptome aufgetreten die möglicherweise damit im Zusammenhang stehen.
1.) Die Maus reagiert teiles bei einem normalen Klick mit einem Doppelklick
2.) Mindestens einmal am Tag ein Blackscreen, welcher einen manuellen Neustart erfordert, heute kam nach einem Neustart wegen diesem Problem 3-4 mal hintereinander nach dem Start von Windows ein Blackscreen. |