| LuckyLukeAUT | 23.06.2015 15:43 |
Hey,
Hab zuvor noch keine Scans gemacht. Wo find ich den Log von Adwcleaner?
Hier die Logs von FRST: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-06-2015 01
Ran by Lukas (administrator) on LUKASURFACE on 23-06-2015 16:39:36
Running from C:\Users\Lukas\Desktop
Loaded Profiles: Lukas (Available Profiles: Lukas & Administrator)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Marvell Semiconductors, Inc.) C:\Windows\System32\mvbtrcsvcx64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Dropbox, Inc.) C:\Users\Lukas\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM-x32\...\Run: [CheckNDISPort] => C:\Program Files (x86)\Mblaze_Home\CheckNDISPort.exe
HKU\S-1-5-21-1990373009-1946276833-315907763-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Lukas\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1990373009-1946276833-315907763-1001\...\Run: [Dropbox Update] => C:\Users\Lukas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-05-15] (Dropbox, Inc.)
HKU\S-1-5-21-1990373009-1946276833-315907763-1001\...\MountPoints2: {ad9f111d-98ff-11e4-beb7-6045bdf1086f} - "D:\Windows/AutoRun.exe"
HKU\S-1-5-21-1990373009-1946276833-315907763-1001\...\MountPoints2: {ad9f1134-98ff-11e4-beb7-6045bdf1086f} - "D:\Windows/AutoRun.exe"
Startup: C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-07-04]
ShortcutTarget: Dropbox.lnk -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\citzv7up.default
FF DefaultSearchEngine: DuckDuckGo
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_160.dll [2015-06-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll [2015-06-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-13] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1990373009-1946276833-315907763-1001: @client.dropbox.com/Dropbox Update;version=3 -> C:\Users\Lukas\AppData\Local\Dropbox\Update\1.3.27.15\npDropboxUpdate3.dll [2015-05-15] (Dropbox, Inc.)
FF Plugin HKU\S-1-5-21-1990373009-1946276833-315907763-1001: @client.dropbox.com/Dropbox Update;version=9 -> C:\Users\Lukas\AppData\Local\Dropbox\Update\1.3.27.15\npDropboxUpdate3.dll [2015-05-15] (Dropbox, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\citzv7up.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-01]
Chrome:
=======
CHR Profile: C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-13]
CHR Extension: (Google Docs) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-13]
CHR Extension: (Google Drive) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-13]
CHR Extension: (Adguard AdBlocker) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2015-06-13]
CHR Extension: (WOT) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-06-13]
CHR Extension: (YouTube) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-13]
CHR Extension: (Google Search) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-13]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2015-06-13]
CHR Extension: (Google Calendar) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-06-13]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-06-13]
CHR Extension: (Google Sheets) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-13]
CHR Extension: (HTTPS Everywhere) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2015-06-13]
CHR Extension: (crxMouse Chrome Gestures) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2015-06-13]
CHR Extension: (Adblock Super) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-06-13]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-13]
CHR Extension: (Chrono Download Manager) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2015-06-13]
CHR Extension: (Google Classroom) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhehppjhmmnlfbbopchdfldgimhfhfk [2015-06-13]
CHR Extension: (Ghostery) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-06-13]
CHR Extension: (GetThemAll Video Downloader) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2015-06-13]
CHR Extension: (SmoothScroll) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbokbjkabcmbfdlbddjidfmibcpneigj [2015-06-13]
CHR Extension: (Google Wallet) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-13]
CHR Extension: (Click&Clean App) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2015-06-13]
CHR Extension: (Gmail) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-13]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-04-09] (Intel Corporation)
S3 Marvell AVASTAR Bluetooth Radio Adapter; C:\Windows\system32\mvbtrcsvcx64.exe [97792 2013-03-08] (Marvell Semiconductors, Inc.) [File not signed]
R2 Marvell Bluetooth Radio Control Service; C:\WINDOWS\system32\mvbtrcsvcx64.exe [97792 2013-03-08] (Marvell Semiconductors, Inc.) [File not signed]
U3 mvbtradio; C:\WINDOWS\system32\mvbtrcsvcx64.exe [97792 2013-03-08] (Marvell Semiconductors, Inc.) [File not signed]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider)
S3 kbfilter; C:\Windows\System32\drivers\SurfaceTouchCover.sys [23984 2013-09-26] (Microsoft Corporation)
R3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34408 2013-10-14] (Microsoft Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-26] (Intel Corporation)
R3 mwlu97w8; C:\Windows\system32\DRIVERS\mwlu97w8x64.sys [1602560 2014-05-28] (Marvell Semiconductors, Inc.)
R3 SensorsHIDClassDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SurfaceAccessoryDevice; C:\Windows\System32\drivers\SurfaceAccessoryDevice.sys [1614768 2014-05-15] (Microsoft Corporation)
S3 SurfaceTouchCover; C:\Windows\System32\drivers\SurfaceTouchCover.sys [23984 2013-09-26] (Microsoft Corporation)
R3 SurfaceTypeCover; C:\Windows\System32\drivers\SurfaceTypeCover.sys [37960 2013-09-13] (Microsoft Corporation)
S3 TrackpadSettingsDriver; C:\Windows\System32\drivers\TrackpadSettingsDriver.sys [46168 2013-03-25] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-23 16:39 - 2015-06-23 16:40 - 00017529 _____ C:\Users\Lukas\Desktop\FRST.txt
2015-06-23 16:39 - 2015-06-23 16:39 - 02109952 _____ (Farbar) C:\Users\Lukas\Desktop\FRST64.exe
2015-06-23 16:39 - 2015-06-23 16:39 - 00000000 ____D C:\FRST
2015-06-22 13:23 - 2015-06-22 13:25 - 00000000 ____D C:\AdwCleaner
2015-06-14 20:04 - 2015-06-14 20:05 - 00125663 _____ C:\Users\Lukas\Downloads\thin_cool.zip
2015-06-14 20:03 - 2015-06-14 20:03 - 00057296 _____ C:\Users\Lukas\Downloads\optimusprinceps.zip
2015-06-14 19:58 - 2015-06-14 19:58 - 00590958 _____ C:\Users\Lukas\Downloads\oeh_ph_stmk_LOGO_schwarz.eps
2015-06-14 19:57 - 2015-06-14 19:57 - 00597902 _____ C:\Users\Lukas\Downloads\oeh_ph_stmk_LOGO_weiß.eps
2015-06-14 19:48 - 2015-06-14 19:48 - 00432382 _____ C:\Users\Lukas\Downloads\cocogoose_letterpress.zip
2015-06-13 00:36 - 2015-06-13 00:36 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kill-ID für Chrome
2015-06-13 00:36 - 2015-06-13 00:36 - 00000000 ____D C:\Program Files (x86)\Kill-ID für Chrome
2015-06-13 00:35 - 2015-06-13 00:35 - 04549552 _____ (Alexander Miehlke Softwareentwicklung ) C:\Users\Lukas\Downloads\kchrome.exe
2015-06-13 00:14 - 2015-06-22 21:19 - 00002202 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-13 00:14 - 2015-06-13 00:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-13 00:12 - 2015-06-23 16:17 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-13 00:12 - 2015-06-23 16:12 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-13 00:12 - 2015-06-13 00:12 - 00003868 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-11 22:56 - 2015-06-11 22:56 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-10 18:09 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-10 18:08 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-10 18:08 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-10 18:08 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-10 18:08 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-10 18:08 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-10 18:08 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-10 18:08 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-10 18:08 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-10 18:08 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-10 18:08 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-10 18:08 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-10 18:08 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-10 18:07 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-10 18:07 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-10 18:06 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-10 18:06 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-10 18:05 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-10 18:05 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-10 18:05 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-10 18:04 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 18:04 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-10 18:04 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-10 18:04 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-10 18:04 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-10 18:04 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-10 18:04 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-10 18:04 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-10 18:04 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-10 18:04 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-10 18:04 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-10 18:04 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-10 18:04 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-10 18:04 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-10 18:04 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-10 18:04 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-10 18:04 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-10 18:04 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-10 18:04 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-10 18:04 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-10 18:04 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 18:04 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 18:04 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 18:04 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 18:04 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-10 18:04 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 18:04 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 18:04 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 18:04 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 18:04 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 18:04 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 18:04 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-10 18:04 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 18:04 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 18:04 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 18:04 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 18:04 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 18:04 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 18:04 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 18:04 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 18:04 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 18:04 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-10 18:04 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-10 18:04 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-10 18:04 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-10 18:04 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-10 18:04 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-10 18:04 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-10 18:04 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-10 18:04 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-10 18:04 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-10 18:04 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-10 18:04 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-10 18:04 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-10 18:04 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-10 18:04 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-10 18:04 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-10 18:04 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-10 18:04 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-10 18:04 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-10 18:03 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-01 20:09 - 2015-06-01 20:09 - 00000000 ____D C:\Users\Lukas\AppData\Local\GWX
2015-05-26 01:24 - 2015-05-26 01:24 - 00653552 _____ C:\WINDOWS\Minidump\052615-6093-01.dmp
2015-05-25 02:19 - 2015-05-25 02:19 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-05-25 02:14 - 2015-05-25 02:14 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-05-25 01:53 - 2015-06-05 11:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-25 01:53 - 2015-05-25 01:53 - 00001178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-25 01:53 - 2015-05-25 01:53 - 00000000 ____D C:\ProgramData\Mozilla
2015-05-25 00:36 - 2015-05-25 00:36 - 00000000 ____D C:\ProgramData\Emsisoft
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-23 16:31 - 2015-05-15 11:26 - 00001248 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1990373009-1946276833-315907763-1001UA.job
2015-06-23 16:25 - 2014-07-03 10:24 - 01623776 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-23 16:25 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-23 16:17 - 2014-07-02 16:06 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1990373009-1946276833-315907763-1001
2015-06-23 16:15 - 2014-10-03 10:39 - 00003942 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9A957489-6FE9-4700-996E-D32991CF6156}
2015-06-23 16:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-23 16:12 - 2014-07-04 15:11 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Dropbox
2015-06-23 16:12 - 2014-07-03 11:32 - 00000000 __RDO C:\Users\Lukas\OneDrive
2015-06-23 16:12 - 2014-03-06 07:32 - 00000000 ___RD C:\Users\Lukas\Dropbox
2015-06-22 20:45 - 2015-05-01 10:03 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-22 16:45 - 2014-07-08 14:55 - 00000000 ____D C:\Users\Lukas\Desktop\zeug
2015-06-21 19:50 - 2014-07-02 15:56 - 00000000 ____D C:\Users\Lukas\AppData\Local\Packages
2015-06-21 11:31 - 2015-05-15 11:26 - 00001196 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1990373009-1946276833-315907763-1001Core.job
2015-06-20 14:39 - 2015-05-01 10:04 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-06-20 14:34 - 2014-09-07 19:29 - 00057856 ___SH C:\Users\Lukas\Downloads\Thumbs.db
2015-06-20 08:05 - 2014-03-18 12:04 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-20 08:05 - 2014-03-18 11:25 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2015-06-20 08:05 - 2014-03-18 11:25 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2015-06-20 08:00 - 2014-03-18 03:51 - 00048684 _____ C:\WINDOWS\PFRO.log
2015-06-20 08:00 - 2013-08-22 16:46 - 00415185 _____ C:\WINDOWS\setupact.log
2015-06-20 08:00 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-20 08:00 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-06-19 20:36 - 2014-07-05 13:40 - 02655232 ___SH C:\Users\Lukas\Desktop\Thumbs.db
2015-06-14 21:51 - 2014-07-03 10:21 - 00000000 ____D C:\Users\Lukas
2015-06-14 21:41 - 2013-08-22 16:44 - 00433584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-13 00:14 - 2014-07-02 16:00 - 00000000 ____D C:\Users\Lukas\AppData\Local\Google
2015-06-13 00:13 - 2014-07-02 16:00 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-13 00:12 - 2014-07-02 16:00 - 00004104 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-12 06:45 - 2014-07-05 14:10 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-12 06:44 - 2014-07-05 14:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-10 22:31 - 2014-12-11 20:26 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-10 22:31 - 2014-07-15 23:13 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-10 22:31 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-10 22:31 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-10 22:15 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-10 21:59 - 2014-07-02 16:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-10 21:52 - 2014-07-02 16:30 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-09 23:31 - 2014-07-02 16:33 - 00000000 ____D C:\Users\Lukas\AppData\Local\Adobe
2015-06-09 23:15 - 2015-05-01 10:03 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-03 18:18 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-03 18:18 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-03 00:19 - 2015-04-24 09:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-05-26 13:58 - 2014-07-02 15:56 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\Adobe
2015-05-26 01:24 - 2014-11-17 21:48 - 00000000 ____D C:\WINDOWS\Minidump
2015-05-25 17:21 - 2014-10-21 15:06 - 00000000 ____D C:\Users\Lukas\AppData\Roaming\vlc
2015-05-25 17:10 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-05-25 02:15 - 2015-01-01 07:47 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-05-25 02:14 - 2014-07-02 16:31 - 00000000 ____D C:\ProgramData\Adobe
2015-05-25 02:14 - 2014-07-02 16:31 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-05-25 01:53 - 2015-05-01 09:45 - 00000000 ____D C:\Users\Lukas\AppData\Local\Mozilla
2015-05-25 01:37 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
==================== Files in the root of some directories =======
2014-10-03 10:42 - 2014-11-20 18:58 - 0001456 _____ () C:\Users\Lukas\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-07-14 23:56 - 2014-07-14 23:56 - 0000000 _____ () C:\Users\Lukas\AppData\Local\{447DF679-691D-4756-A111-C83CCB74A3A2}
2014-10-13 10:14 - 2015-02-25 15:08 - 0007811 _____ () C:\ProgramData\hpzinstall.log
Files to move or delete:
====================
C:\Users\Lukas\adobe-photoshop-cs6.exe
C:\Users\Lukas\SteamSetup.exe
C:\Users\Lukas\wlsetup-web.exe
Some files in TEMP:
====================
C:\Users\Lukas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzvkcvy.dll
C:\Users\Lukas\AppData\Local\Temp\htmlayout.dll
C:\Users\Lukas\AppData\Local\Temp\setupenu.dll
C:\Users\Lukas\AppData\Local\Temp\uninst2.exe
C:\Users\Lukas\AppData\Local\Temp\{04432339-77DE-4EB6-AF58-6CAB914C277D}-DropboxClient_3.6.7.exe
C:\Users\Lukas\AppData\Local\Temp\{05BD0B5E-CDB3-412E-A5F0-79A6FB77D51E}-DropboxClient_3.6.1.exe
C:\Users\Lukas\AppData\Local\Temp\{1CC2B3EE-7255-4BED-A42D-97F8B72C41AF}-DropboxClient_3.6.7.exe
C:\Users\Lukas\AppData\Local\Temp\{4B0847AB-53BF-4ABA-B26A-E3F101F7468F}-DropboxClient_3.6.7.exe
C:\Users\Lukas\AppData\Local\Temp\{AA63A817-5E33-49D9-84E6-5E1953C82430}-DropboxClient_3.6.7.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-19 20:05
==================== End of log ============================
[CODE]Additional
FRST Logfile: Code:
scan result of Farbar Recovery Scan Tool (x64) Version:21-06-2015 01
Ran by Lukas at 2015-06-23 16:41:15
Running from C:\Users\Lukas\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1990373009-1946276833-315907763-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-1990373009-1946276833-315907763-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1990373009-1946276833-315907763-1007 - Limited - Enabled)
Lukas (S-1-5-21-1990373009-1946276833-315907763-1001 - Administrator - Enabled) => C:\Users\Lukas
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
AIO_CDA_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-1990373009-1946276833-315907763-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Artisteer 4 (HKLM-x32\...\Artisteer 4) (Version: 4.1 - Extensoft)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
C3100 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
c3100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-1990373009-1946276833-315907763-1001\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: - Steinberg Media Technologies GmbH)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HP Photosmart All-In-One Driver Software (HKLM\...\{4F6C1178-3FC0-44BB-8F9A-28D8516DFEE2}) (Version: 14.0 - HP)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Kill-ID 1.2.4.0 für Chrome (HKLM-x32\...\Kill-ID für Chrome_is1) (Version: 1.2.5.0 - Alexander Miehlke Softwareentwicklung)
KMSpico v9.2.2 RC (HKLM\...\KMSpico_is1) (Version: 9.2.2 RC - )
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WaveLab LE 8 (64 bit) (HKLM\...\WaveLabLE8_64) (Version: 8.0.3.698 - Steinberg)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1990373009-1946276833-315907763-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1990373009-1946276833-315907763-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1990373009-1946276833-315907763-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1990373009-1946276833-315907763-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1990373009-1946276833-315907763-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1990373009-1946276833-315907763-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1990373009-1946276833-315907763-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1990373009-1946276833-315907763-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1990373009-1946276833-315907763-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1990373009-1946276833-315907763-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lukas\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
==================== Restore Points =========================
13-06-2015 00:38:42 Revo Uninstaller's restore point - TraXEx 3.3
20-06-2015 07:55:02 Revo Uninstaller's restore point - Emsisoft Anti-Malware
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {14BBC429-8F0B-493B-9B8E-2A28B3D29A50} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {1B7F3E93-EFB3-4337-895F-876CEDC83E2B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-13] (Google Inc.)
Task: {2AFDB2A3-CB8F-416D-B2B5-F13BA6AA2AB8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {3B3FF132-465B-4531-92CE-096C14571262} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1990373009-1946276833-315907763-1001
Task: {4A08DA57-F9BC-4874-B737-9B6810A91C77} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {4C97A5E6-2435-4FF0-B8A8-E15488646E14} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {5144D765-83FB-4F4A-988F-DA8E0F02C095} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-10] (Microsoft Corporation)
Task: {5B91CC39-631A-45BF-B837-2076ADECFD67} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {5EB32C8D-21E6-4E62-B755-B11B7A4E0CFC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {6B48221E-88F4-48F7-AB02-620E218B40C4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {77ACA2B9-43C7-42C6-811A-D6006CBF1A23} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {803EF6CF-3216-4EBC-8BDC-EF2C5A8338A8} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {98E75C2A-61C0-462C-ADC1-A2FE81861480} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-13] (Google Inc.)
Task: {9BA28918-56A0-49B6-BA5F-B75EA35C55E7} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_pepper.exe
Task: {9DC92B84-6EF7-4CD3-9B47-DD529C20F420} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A20368C3-334B-472D-89BA-2796EF4A535B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Time-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {A693E6B9-03C0-4BBA-BDF9-67E78D6C1CDE} - System32\Tasks\{EA9A46BA-41EC-4355-B6FA-32503C24A616} => pcalua.exe -a C:\Users\Lukas\Desktop\cursorfx_9213.exe -d C:\Users\Lukas\Desktop
Task: {B21B946E-0A12-4E31-90BE-2BC94B7E4E65} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {BB97BA2B-8694-44A4-9F05-80B2DBEB82E5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {C428D542-1A5E-45D5-8A91-FD6B24770243} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {D369D2E1-0929-402F-96E3-6CC0B3AA5517} - System32\Tasks\{1F9A5880-71C6-44F5-90B8-B40EA42ED40A} => pcalua.exe -a "C:\Users\Lukas\Desktop\Age Of Empires concoruise\DPLAY61A.EXE" -d "C:\Users\Lukas\Desktop\Age Of Empires concoruise"
Task: {EAFD3FC0-4E27-48CB-9EA2-198E3EFCF0A8} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1990373009-1946276833-315907763-1001Core => C:\Users\Lukas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-05-15] (Dropbox, Inc.)
Task: {F0C619E8-8CD6-41E5-B83E-788129FEC217} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1990373009-1946276833-315907763-1001UA => C:\Users\Lukas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-05-15] (Dropbox, Inc.)
Task: {F605B607-8CC0-4124-B0B9-71ED5FCDF988} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-09] (Adobe Systems Incorporated)
Task: {F6ECA247-06B8-4CBD-9790-A1103DFD5AA4} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-03-02] ()
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1990373009-1946276833-315907763-1001Core.job => C:\Users\Lukas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1990373009-1946276833-315907763-1001UA.job => C:\Users\Lukas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2011-06-22 06:48 - 2011-06-22 06:48 - 00034304 _____ () C:\WINDOWS\System32\ssp7ml6.dll
2015-02-12 23:20 - 2015-02-12 23:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-12 23:20 - 2015-02-12 23:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-10 11:47 - 2015-05-15 11:51 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-02-12 23:20 - 2015-02-12 23:20 - 00306984 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2015-06-23 16:12 - 2015-06-23 16:12 - 00043008 _____ () c:\users\lukas\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzvkcvy.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00750080 _____ () C:\Users\Lukas\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00047616 _____ () C:\Users\Lukas\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00865280 _____ () C:\Users\Lukas\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00200704 _____ () C:\Users\Lukas\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Lukas\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00726016 _____ () C:\Users\Lukas\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Lukas\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-06-22 21:19 - 2015-06-20 07:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-22 21:19 - 2015-06-20 07:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll
2015-06-22 21:19 - 2015-06-20 07:46 - 15003976 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Lukas\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Lukas\SkyDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1990373009-1946276833-315907763-1001\...\samsungsetup.com -> hxxp://www.samsungsetup.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1990373009-1946276833-315907763-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lukas\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Fotogalerie-Hintergrundbild.jpg
DNS Servers: 10.0.0.138
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "CheckNDISPort"
HKU\S-1-5-21-1990373009-1946276833-315907763-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-1990373009-1946276833-315907763-1001\...\StartupApproved\Run: => "Amazon Music"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{B72F130A-58F5-493A-9FA9-9D2C269B6134}] => (Allow) C:\Users\Lukas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A080CA95-6CF8-4AA4-84BE-7AA600CC06CB}] => (Allow) C:\Users\Lukas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{5D050F07-3951-41C3-B562-C38A9FAB2103}C:\users\lukas\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\lukas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{27074DDF-8F3E-4C3A-8ED7-90CF3AA326EB}C:\users\lukas\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\lukas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{80460425-77F3-455E-9BD3-3E14A7397DB8}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{F58E54E5-B20F-44E8-A1EE-7D8CD97F2117}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{46E935FB-31B9-4D71-BDA8-C8E1B9BF1A76}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{5ACEDDCD-830E-4E2E-83F4-15BF2E8E6A18}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [TCP Query User{CDCA8333-8895-460D-BCBB-66C68D17D230}C:\users\lukas\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\lukas\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{5E516F15-42E9-44EF-BD63-73F199F35B31}C:\users\lukas\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\lukas\appdata\local\akamai\netsession_win.exe
FirewallRules: [{AE3B9E88-6714-48B6-AF22-A2C66A5BFACF}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{8967DBDF-AD57-4DAF-A24E-FBB14298324A}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{B89E3EB7-472A-4B3D-9532-D6743D72CB57}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{201C7749-9A19-47B2-B342-52EC4A513AF4}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{E5B383E7-5376-47E6-8EE5-473D3AF45AA5}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{C7CFB65D-EC2F-4E22-86C8-C13F4C8198F8}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{68BAFFDB-FF61-4884-A1A9-D7D5136085C9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{D58670D5-4EF9-43A2-B849-B75BA69C4AC5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{81C204A2-DE18-4CBB-A2EE-47500F39965A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{DFAC3981-C6B5-4BE0-8BEA-46065D4D23AA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{AFBC4F80-2E51-4381-9C5C-44DB9A1693A4}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{30EB25DD-B06C-4F36-98A3-013E76DCFDE0}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2AA30C5C-741A-4BD9-B310-AB9F7CFD9537}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{3E67B67F-6B07-414E-9B39-65CA0205E711}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F3D2D0F6-1852-439B-BA7B-F3576B750C9F}] => (Allow) C:\Program Files (x86)\Artisteer 4\bin\Artisteer.exe
FirewallRules: [{C0039483-7FB5-4549-B9EB-E23848B0D782}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{7D679895-1B88-4108-996B-3A38BF004C12}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{B972DC2C-6FBA-4D72-9183-A1FB1F9077AB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{52035F47-18FC-468B-9934-CECA03BED762}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{7C7306EC-9EC8-48A5-8692-50C5A7CAB7BC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{56CD4F90-2514-49D6-A45B-E83178D39006}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{D1F9A806-A992-4147-B813-8CADF153451B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{D0A23A99-BD26-4D5D-9030-CF9BD79287C4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{B45E1F90-B8DE-46E1-96AB-9A14842043D7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{58BAFC37-294A-4418-AAF1-D2F7B944A4FC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{1704762D-1756-425B-A07D-3E59B9204058}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{95D20453-C05F-4D17-85D8-938FD8E0BE0E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{92E56639-778C-4CB9-9327-913EB7AC8C14}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{338E1F45-3D0A-4E35-BA22-3F76D2CAE1E6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{A096BFA5-C51C-420C-9E7F-C2FA0A119535}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{A68DA3D2-5054-4E03-8ED3-A9FBF7F002D2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{60F7CB81-3309-47C1-BE90-83CD02512237}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{67D45867-378C-421E-A4D8-8B9C6B42A272}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{514D3529-FD0B-41E6-97B4-F474AA4014FF}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [TCP Query User{D6A663EC-5121-4543-A042-1A167433C110}C:\program files\age2hd the forgotten 3.2 lan version\age2hd the forgotten 3.2 lan version\aok hd.exe] => (Allow) C:\program files\age2hd the forgotten 3.2 lan version\age2hd the forgotten 3.2 lan version\aok hd.exe
FirewallRules: [UDP Query User{A4FA92A3-3461-48F8-A9A8-ED2A230693F4}C:\program files\age2hd the forgotten 3.2 lan version\age2hd the forgotten 3.2 lan version\aok hd.exe] => (Allow) C:\program files\age2hd the forgotten 3.2 lan version\age2hd the forgotten 3.2 lan version\aok hd.exe
FirewallRules: [{DD60229E-7985-45F6-90C7-24CD1F240859}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5BA81684-59EF-4FD5-8094-9DA2094067F8}] => (Allow) LPort=2869
FirewallRules: [{034AD914-56BB-4FDB-A52A-A574DAA017C5}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{254B397A-B1B7-46C2-843C-E70491CB4AC3}C:\program files\age2hd the forgotten 3.2 lan version\age2hd the forgotten 3.2 lan version\aok hd.exe] => (Allow) C:\program files\age2hd the forgotten 3.2 lan version\age2hd the forgotten 3.2 lan version\aok hd.exe
FirewallRules: [UDP Query User{9D520C5A-0200-484E-80AB-162A6CD56FB1}C:\program files\age2hd the forgotten 3.2 lan version\age2hd the forgotten 3.2 lan version\aok hd.exe] => (Allow) C:\program files\age2hd the forgotten 3.2 lan version\age2hd the forgotten 3.2 lan version\aok hd.exe
FirewallRules: [{306E2D77-E1BC-4A79-B87E-7E8AD7359320}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FF89CC44-BFB5-4ECD-8177-78107FCB52BE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{77DFD10C-089C-45BD-9458-1EBB871319CA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8F50CEBC-11FD-4B9B-BF87-FF100DF89DE4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C87BB758-7C18-4745-A137-33B95AD514EF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B8C4DCC0-C262-4EC7-BEEB-EBC7A6C549D8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CCF8DD48-52B0-4FD8-B095-7E54EEFE6F59}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E7D6B5FF-4C21-423C-9056-48FB3C1F711A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AFE6D078-055F-4E74-8A11-D87283C000FD}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{D764E3BD-76AA-4D86-9856-2346CAC00475}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DA2F8771-1E16-4EF1-90FC-45F4FBC7C030}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1F9E903D-6A8E-4534-80E6-EBC64940F767}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/22/2015 08:53:21 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{1999475b-3bcd-4ef4-b3a7-1919315f56ff}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (06/22/2015 08:53:20 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Windows RE tools" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (06/21/2015 00:54:24 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (06/20/2015 08:54:58 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (06/20/2015 08:01:12 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database
Error: (06/19/2015 04:56:59 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (06/19/2015 02:54:11 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (06/16/2015 09:54:13 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:
Error: (06/15/2015 07:22:50 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{1999475b-3bcd-4ef4-b3a7-1919315f56ff}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (06/15/2015 07:22:49 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Windows RE tools" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
System errors:
=============
Error: (06/23/2015 04:12:24 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
Error: (06/23/2015 06:32:29 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (06/23/2015 06:28:39 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
Error: (06/22/2015 11:21:54 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (06/22/2015 11:06:54 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
Error: (06/22/2015 08:48:14 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (06/22/2015 08:38:27 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
Error: (06/22/2015 05:03:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (06/22/2015 04:54:12 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
Error: (06/22/2015 04:45:51 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Microsoft Office:
=========================
Error: (06/22/2015 08:53:21 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: \\?\Volume{1999475b-3bcd-4ef4-b3a7-1919315f56ff}\Falscher Parameter. (0x80070057)
Error: (06/22/2015 08:53:20 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Windows RE toolsFalscher Parameter. (0x80070057)
Error: (06/21/2015 00:54:24 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (06/20/2015 08:54:58 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (06/20/2015 08:01:12 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: -2147024883
Error: (06/19/2015 04:56:59 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (06/19/2015 02:54:11 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (06/16/2015 09:54:13 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:
Error: (06/15/2015 07:22:50 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: \\?\Volume{1999475b-3bcd-4ef4-b3a7-1919315f56ff}\Falscher Parameter. (0x80070057)
Error: (06/15/2015 07:22:49 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Windows RE toolsFalscher Parameter. (0x80070057)
CodeIntegrity Errors:
===================================
Date: 2015-06-22 20:53:11.364
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-23 19:59:19.644
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-23 13:53:33.486
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-23 13:53:33.002
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-23 13:53:32.502
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-21 14:10:40.577
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-18 10:56:23.821
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-16 08:57:25.900
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-15 11:26:33.177
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-15 11:26:32.945
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz
Percentage of memory in use: 58%
Total physical RAM: 3979.71 MB
Available physical RAM: 1654.14 MB
Total Pagefile: 8075.71 MB
Available Pagefile: 5101.46 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:110.38 GB) (Free:20.45 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 528ECE69)
Partition: GPT Partition Type.
==================== End of log ============================
--- --- --- |
FRST 32-Bit | FRST 64-Bit
Lesestoff: