| Vinzenz__99 | 15.07.2015 00:18 |
Addition
Addition:
[CODE]Additional
FRST Logfile: Code:
scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by vinzenz at 2015-07-15 00:45:46
Running from C:\Users\vinzenz\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3934391000-465545494-1828760476-500 - Administrator - Disabled)
Gast (S-1-5-21-3934391000-465545494-1828760476-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3934391000-465545494-1828760476-1003 - Limited - Enabled)
vinzenz (S-1-5-21-3934391000-465545494-1828760476-1001 - Administrator - Enabled) => C:\Users\vinzenz
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Antivirus (Disabled - Up to date) {0F70A6C4-76E4-6A3B-2695-519F428B1C20}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Antivirus (Disabled - Up to date) {B4114720-50DE-65B5-1C25-6AED390C569D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Akamai NetSession Interface (HKU\S-1-5-21-3934391000-465545494-1828760476-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.21.3317.03861 - Alcor Micro Corp.) Hidden
AMD Catalyst Install Manager (HKLM\...\{BF821093-CFD3-EC1B-B357-6817EE34E5C7}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Battlefield™ Hardline-Beta (HKLM-x32\...\{F5526D9D-13AD-4270-8707-AC921D168299}) (Version: 1.0.0.2 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.00.11 - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Computer Security 14.115.100.0 (release) (x32 Version: 14.115.100.0 - F-Secure Corporation) Hidden
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Farming Simulator 15 (HKLM-x32\...\Steam App 313160) (Version: - Giants Software)
F-Secure (HKLM-x32\...\F-Secure ServiceEnabler 666) (Version: 2.15.364.0 - F-Secure Corporation)
F-Secure (x32 Version: 2.15.364.0 - F-Secure Corporation) Hidden
F-Secure CCF Reputation (x32 Version: 2.0.1337.0 - F-Secure) Hidden
F-Secure CCF Scanning 1.51.111.300 (release) (x32 Version: 1.51.111.300 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.02.141 (x32 Version: 1.02.141 - F-Secure Corporation) Hidden
F-Secure SafeSearch 1.03.159.0 (release) (x32 Version: 1.03.159.0 - F-Secure Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.13.0.003 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.24.5 - HTC)
HydraVision (x32 Version: 4.2.236.0 - Advanced Micro Devices, Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Professional 2010 (HKLM-x32\...\Office14.VISIOR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Online Safety 2.115.2783.1598 (x32 Version: 2.115.2783.1598 - F-Secure Corporation) Hidden
OpenOffice Beta 4.1.0 (HKLM-x32\...\{E0284E69-DDCE-4AB0-9A6B-22DC9CB8D7DB}) (Version: 4.10.9760 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.86.89.0 - Overwolf Ltd.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version: - Microsoft)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43879 - TeamViewer)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version: - Ubisoft Singapore)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3934391000-465545494-1828760476-1001_Classes\CLSID\{45C6AFA5-2C13-402f-BC5D-45CC8172EF6B}\InprocServer32 -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtExt.dll (TOSHIBA)
==================== Restore Points =========================
24-06-2015 18:58:49 Windows Update
03-07-2015 21:54:40 Geplanter Prüfpunkt
09-07-2015 20:25:37 Revo Uninstaller's restore point - Bing Bar
11-07-2015 00:12:44 Revo Uninstaller's restore point - Battlefield™ Hardline-Beta
14-07-2015 22:14:39 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05530C13-28CC-4D1C-BC70-734A673FC1CB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-28] (Google Inc.)
Task: {0B6F1839-CC9C-4883-8CE1-304D730094C0} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-06-21] (Overwolf LTD)
Task: {2FCB7579-15DB-4034-A604-146ED4B55F23} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {50AAAA38-4564-4905-B8A5-127CEE368890} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-16] (Hewlett-Packard)
Task: {52D80690-73B0-47F6-BFB9-E3A52303DA18} - System32\Tasks\{75B47C95-94B9-402A-B7AA-87C1EAB97EC5} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {5CBFFAF3-2F5D-4331-A0FC-2694DAA4EF4A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {7BC2A026-0979-421E-B825-D82A551CA61F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {88480BFD-A644-48A0-AD28-A3EB8217D502} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {93ACAE90-1568-4C22-87C9-0DD71199A265} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {9681ADF2-FF4C-46F2-B6B8-1931B6EDB9DF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {C0B1D962-AC89-4C6E-ADDB-3F60060E0E9F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {E0509DA8-3C3B-46F6-86B9-D550A4B4975D} - System32\Tasks\HPCeeScheduleForvinzenz => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {E134DB99-528B-48E8-89C6-5584C4A66D34} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3934391000-465545494-1828760476-1001
Task: {E7633D12-199C-444F-86E1-90AE17E3A123} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-28] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForvinzenz.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (Whitelisted) ==============
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-06-02 19:41 - 2015-02-04 05:35 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2012-08-29 11:02 - 2012-08-29 11:02 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-08-29 11:02 - 2012-08-29 11:02 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-08-29 11:02 - 2012-08-29 11:02 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2012-05-04 17:42 - 2012-05-04 17:42 - 00098304 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2012-05-04 17:42 - 2012-05-04 17:42 - 00028672 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResourcesNet4.dll
2014-02-28 11:14 - 2014-02-28 11:14 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-08-04 15:43 - 2014-08-04 15:43 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-08-04 15:43 - 2014-08-04 15:43 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-08-04 15:46 - 2014-08-04 15:46 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-08-04 15:46 - 2014-08-04 15:46 - 00579016 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2014-02-19 13:56 - 2014-02-19 13:56 - 00220200 _____ () C:\Program Files (x86)\F-Secure\daas2.dll
2014-08-06 13:40 - 2014-08-06 13:40 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-08-06 13:41 - 2014-08-06 13:41 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-08-06 13:41 - 2014-08-06 13:41 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-08-06 13:41 - 2014-08-06 13:41 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-08-06 13:42 - 2014-08-06 13:42 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-08-06 13:44 - 2014-08-06 13:44 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-08-06 13:46 - 2014-08-06 13:46 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2014-11-24 23:58 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-11-24 23:58 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-11-24 23:58 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-11-24 23:58 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-11-24 23:58 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-05-26 20:46 - 2014-05-26 20:46 - 00030888 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll
2014-05-26 20:42 - 2015-04-15 19:54 - 00175144 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Gemini\fsgem.dll
2014-05-26 20:42 - 2015-03-23 21:34 - 00212008 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Spam Control\fsas.dll
2012-10-24 06:49 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-05-26 17:26 - 2014-05-26 17:26 - 00592936 _____ () C:\WINDOWS\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.79_none_b59ec33311fcd586\QtMultimediaKit1.dll
2014-10-16 16:54 - 2015-07-08 13:29 - 22325800 _____ () C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Game\PDC-Live\GhostReconPhantoms.exe
2014-10-16 16:54 - 2014-10-16 16:56 - 20645216 _____ () C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Game\PDC-Live\awesomium.dll
2014-10-16 16:54 - 2014-10-16 16:56 - 00472576 _____ () C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Game\PDC-Live\DDSCompress.dll
2015-07-08 13:25 - 2015-07-08 13:27 - 00704000 _____ () C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Game\PDC-Live\avutil-54.dll
2015-07-08 13:25 - 2015-07-08 13:27 - 02016768 _____ () C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Game\PDC-Live\avformat-56.dll
2015-07-08 13:25 - 2015-07-08 13:27 - 10241024 _____ () C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Game\PDC-Live\avcodec-56.dll
2015-07-08 13:25 - 2015-07-08 13:50 - 00728576 _____ () C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Game\PDC-Live\swscale-3.dll
2015-07-08 13:25 - 2015-07-08 13:27 - 01442816 _____ () C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Game\PDC-Live\avfilter-5.dll
2014-10-16 16:54 - 2014-10-16 16:55 - 00320056 _____ () C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Game\PDC-Live\ortp.dll
2015-07-08 13:25 - 2015-07-08 13:46 - 00314880 _____ () C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Game\PDC-Live\swresample-1.dll
2014-02-04 21:19 - 2015-06-04 20:56 - 00372416 _____ () C:\Program Files (x86)\Steam\steam.dll
2014-02-04 21:19 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-21 19:19 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-22 18:53 - 2015-06-04 20:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-21 19:19 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-21 19:19 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-09-17 21:07 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-17 21:07 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-17 21:07 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-09-17 21:07 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-09-17 21:07 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-02-04 21:19 - 2015-06-04 20:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-02-04 21:19 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-05-15 00:47 - 2015-05-11 21:01 - 08958344 _____ () C:\Program Files (x86)\Steam\bin\pdf.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\vinzenz\SkyDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3934391000-465545494-1828760476-1001\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-3934391000-465545494-1828760476-1001\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-3934391000-465545494-1828760476-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3934391000-465545494-1828760476-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3934391000-465545494-1828760476-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3934391000-465545494-1828760476-1001\...\sony.com -> sony.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3934391000-465545494-1828760476-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.100
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "Bluetooth Manager.lnk"
HKLM\...\StartupApproved\Run32: => "ApnTBMon"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-3934391000-465545494-1828760476-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3934391000-465545494-1828760476-1001\...\StartupApproved\Run: => "Overwolf"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F38E336D-E9BC-49EC-B57A-1419931FF6B7}] => (Allow) C:\Users\vinzenz\Downloads\77ZipSetup.exe
FirewallRules: [{058B8071-BA30-4DDF-AF54-0BF3B652F7FB}] => (Allow) C:\Users\vinzenz\Downloads\77ZipSetup.exe
FirewallRules: [UDP Query User{786C9EF7-9A6D-4F9B-8E09-83ADE7B36DB4}C:\users\public\sony online entertainment\installed games\everquest ii psg\eq2voiceservice.exe] => (Block) C:\users\public\sony online entertainment\installed games\everquest ii psg\eq2voiceservice.exe
FirewallRules: [TCP Query User{B0513F48-786F-48F2-ABF7-1E0CA50F9D7A}C:\users\public\sony online entertainment\installed games\everquest ii psg\eq2voiceservice.exe] => (Block) C:\users\public\sony online entertainment\installed games\everquest ii psg\eq2voiceservice.exe
FirewallRules: [UDP Query User{598E5720-94A2-4FA0-8F28-B72412233D9D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{61C58379-4A6F-48E3-9279-518B98321891}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{37EA96B6-E2D2-4191-B77F-15828A1E1D52}] => (Allow) LPort=1900
FirewallRules: [{428B4E77-CA60-4D3D-B1C7-D36099F6E5BB}] => (Allow) LPort=2869
FirewallRules: [{F6FE1B59-CCB8-4D60-81A5-DD4C40D5FE71}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{715EE66E-A07A-46CD-A40C-26AFE4809627}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{40CFCEA6-304B-46F8-A03C-E8BBC76BDA01}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{3086A1CE-82CA-4CF1-8A38-3AA579D8A646}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B392F0AE-27CC-4412-9E13-51E7B823E9E9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CEF3FFF5-D2BF-4067-9CFB-F6D8907BBE8C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5CE9FDFC-C64D-4BB8-A11E-E42D7C3EDC34}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9A9119F4-64F3-4BFB-BFEF-386841988178}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{72C10EE0-E209-4736-927D-3E97B82F898B}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{DAA0B42B-B981-4EE3-9CF6-5F475794A5A8}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{07848DA3-C3DE-47BE-B9BA-9ECC52F7861B}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{1CBF4B22-FD21-4619-A557-D9BDF6C3BBC7}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [TCP Query User{C8B1DD7E-04E0-4A74-B8D6-07ED6A1D0152}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{636525A4-2D64-45D2-9792-1B4FC31F3E84}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{89169725-63AE-487C-9A4D-E60ADBAED3F3}C:\users\vinzenz\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\vinzenz\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{84DD0A29-73A2-443A-BF7B-347ED93E0528}C:\users\vinzenz\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\vinzenz\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{9836B900-CA1E-4E0B-A1AD-168FD4222931}C:\aeriagames\wolfteam-de\wolfteam.bin] => (Allow) C:\aeriagames\wolfteam-de\wolfteam.bin
FirewallRules: [UDP Query User{63E14D62-F644-48D6-8E99-D4FB9F118F10}C:\aeriagames\wolfteam-de\wolfteam.bin] => (Allow) C:\aeriagames\wolfteam-de\wolfteam.bin
FirewallRules: [{D01293BE-385C-4118-8832-7185BB9386CF}] => (Allow) C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe
FirewallRules: [{0176C46A-BBDB-4F87-AF77-7087106E43B4}] => (Allow) C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe
FirewallRules: [{12B6CAB6-5440-434B-9AD9-44B60DDCACCC}] => (Allow) C:\Users\vinzenz\AppData\Local\iLivid\iLivid.exe
FirewallRules: [{455B44D0-2012-4964-A841-6FC911A27015}] => (Allow) C:\Users\vinzenz\AppData\Local\iLivid\iLivid.exe
FirewallRules: [{E4A60853-AB06-4E59-BE87-A948DCF3D1E8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6F3B8733-C252-4CC9-B4E7-9737EA58E305}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8329BB62-F143-40BC-8FB1-67A27886F138}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{FB78E990-C95E-424D-91D9-2D6981C58B85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [TCP Query User{B0A5F2E2-FE9D-4850-830C-FDD6DEA2477C}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{48613AD4-2AC8-421D-B8F0-C3D62361316F}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [TCP Query User{D1B53C43-9C84-49F7-B3D1-6403C9B25213}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [UDP Query User{E4B860FD-AC2B-48FD-80A1-E37A69815AD0}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [TCP Query User{B75E3BCA-E2F6-4B0B-B773-52A42E538386}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{E32C3211-0DC1-499A-9039-B06F3EB88C6B}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{A5B90EB8-1557-4637-AA9C-F9A7EF1DD906}C:\program files (x86)\firefly studios\stronghold legends\strongholdlegends.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold legends\strongholdlegends.exe
FirewallRules: [UDP Query User{455B70B3-CAEB-4DF9-B872-5E8E97D23FAC}C:\program files (x86)\firefly studios\stronghold legends\strongholdlegends.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold legends\strongholdlegends.exe
FirewallRules: [{7F98668F-04E4-4F1C-814A-7A6A313439D7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7923E03F-89B4-4207-9D77-9763B8A98C24}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B5CB5C25-67F6-49ED-9F9F-CB397529C2B1}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{BAEDFDFE-7FB3-43F3-B053-D1DE642F0A70}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{DD2617D1-812F-4408-B144-D29EE91300D1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{80AEDBE3-62D3-4147-93AD-F5E40238924E}] => (Allow) C:\Users\vinzenz\AppData\Local\Torch\Application\torch.exe
FirewallRules: [{C9FB2101-300B-41B1-B2ED-C2EA2ECC53E1}] => (Allow) C:\Users\vinzenz\AppData\Local\Torch\Plugins\Hola\hola_plugin.exe
FirewallRules: [{4A732E32-6EEC-45E0-9591-B82643E1CB66}] => (Allow) C:\Users\vinzenz\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe
FirewallRules: [{135A2DAB-C2D1-4523-A560-A21ECCB1AAC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{CF328984-352D-4F99-8DE8-97F7EC11FEDB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{8B3F1AF7-B017-4286-8C12-5314FA8130EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x86\FarmingSimulator2015Game.exe
FirewallRules: [{B14D1EB6-D416-4332-AC80-9681DFDBA9FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x86\FarmingSimulator2015Game.exe
FirewallRules: [{A49A6297-033B-4F6F-B49F-C095EAB7F9EB}] => (Allow) LPort=25565
FirewallRules: [{7D8684F4-8C42-4D76-8A2E-EA85CF2844FF}] => (Allow) LPort=25565
FirewallRules: [{992B9E4B-9AB4-4485-A4E2-386C5437532F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A04A44F9-99C8-43D1-A97C-03781E055FE0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FB20BDA5-AAE1-4DC3-BC8E-A8F284403A09}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B0B75168-BAB9-4F2E-A76B-70A30F85BC7F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EB57C265-D70E-49C4-A83B-9A263E39946E}] => (Allow) C:\Program Files (x86)\Origin Games\BFH Beta 2\bfh.exe
FirewallRules: [{FB1E8D49-D34C-46A0-8D78-6BE264202BA2}] => (Allow) C:\Program Files (x86)\Origin Games\BFH Beta 2\bfh.exe
FirewallRules: [{FDEDBFC0-FF9C-4264-A475-AE18C8D79ED7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{E8212B5E-ED0D-4A38-81D1-92A784077EB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{22555717-F2DB-4DEC-B259-515C648522B4}] => (Allow) LPort=53000
FirewallRules: [{EC8F5446-5BA3-4883-AA34-26D3D748AFAF}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{EE366BBF-BFE4-4D33-8840-5F466B4F61BA}] => (Allow) LPort=52000
FirewallRules: [{795AA3A0-F6FF-4D39-9D19-D124850556FA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{DEDDE9B9-9A07-4C87-B47E-0DFBE35BF4CD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{41E193EF-A46C-4E2B-A6F7-10300E58CE91}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C4B54AF0-0352-4369-BE45-6B802F0E2DD7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FB7E332C-5180-4439-B576-FDD383ED481A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Faulty Device Manager Devices =============
Name: Bluetooth RFCOMM
Description: Bluetooth RFCOMM
Class Guid: {7240100f-6512-4548-8418-9ebb5c6a1a94}
Manufacturer: TOSHIBA
Service: tosrfcom
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (07/15/2015 12:24:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Launcher.exe, Version 1.36.9165.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1b14
Startzeit: 01d0be83a4411472
Endzeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
Berichts-ID: 142b1f63-2a77-11e5-8143-78e3b5b33225
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (07/15/2015 12:22:46 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database
Error: (07/13/2015 10:41:56 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: CCC.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ObjectDisposedException
Stapel:
bei System.Windows.Forms.Control.MarshaledInvoke(System.Windows.Forms.Control, System.Delegate, System.Object[], Boolean)
bei System.Windows.Forms.Control.Invoke(System.Delegate, System.Object[])
bei ATI.ACE.AEM.Plugin.Source.Kit.Server.Common.WindowBasedFeeler.Close()
bei ATI.ACE.AEM.Plugin.Source.Kit.Server.EEU.PI_EEUPlugin.Stop()
bei ATI.ACE.AEM.Server.ACEEventManager.Stop()
bei ATI.ACE.CLI.Component.Runtime.Runtime.Cleanup()
bei ATI.ACE.CLI.Component.Runtime.Shared.Private.RTComponent.Destroy()
bei ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (07/09/2015 10:46:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TeamViewer_Service.exe, Version: 10.0.43879.0, Zeitstempel: 0x55829f6c
Name des fehlerhaften Moduls: TeamViewer_Service.exe, Version: 10.0.43879.0, Zeitstempel: 0x55829f6c
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00315f73
ID des fehlerhaften Prozesses: 0xb68
Startzeit der fehlerhaften Anwendung: 0xTeamViewer_Service.exe0
Pfad der fehlerhaften Anwendung: TeamViewer_Service.exe1
Pfad des fehlerhaften Moduls: TeamViewer_Service.exe2
Berichtskennung: TeamViewer_Service.exe3
Vollständiger Name des fehlerhaften Pakets: TeamViewer_Service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TeamViewer_Service.exe5
Error: (07/09/2015 03:56:12 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: CCC.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ObjectDisposedException
Stapel:
bei System.Windows.Forms.Control.MarshaledInvoke(System.Windows.Forms.Control, System.Delegate, System.Object[], Boolean)
bei System.Windows.Forms.Control.Invoke(System.Delegate, System.Object[])
bei ATI.ACE.AEM.Plugin.Source.Kit.Server.Common.WindowBasedFeeler.Close()
bei ATI.ACE.AEM.Plugin.Source.Kit.Server.EEU.PI_EEUPlugin.Stop()
bei ATI.ACE.AEM.Server.ACEEventManager.Stop()
bei ATI.ACE.CLI.Component.Runtime.Runtime.Cleanup()
bei ATI.ACE.CLI.Component.Runtime.Shared.Private.RTComponent.Destroy()
bei ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (07/08/2015 01:35:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ts3client_win64.exe, Version 3.0.16.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 5f4
Startzeit: 01d0b970c529498d
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
Berichts-ID: 6e34da93-2565-11e5-8140-78e3b5b33225
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (07/08/2015 01:30:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: bb0
Startzeit: 01d0b970d1206a7c
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe
Berichts-ID: c4f0723e-2564-11e5-8140-78e3b5b33225
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (07/06/2015 06:19:56 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: CCC.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ComponentModel.InvalidAsynchronousStateException
Stapel:
bei System.Windows.Forms.Control.WaitForWaitHandle(System.Threading.WaitHandle)
bei System.Windows.Forms.Control.MarshaledInvoke(System.Windows.Forms.Control, System.Delegate, System.Object[], Boolean)
bei System.Windows.Forms.Control.Invoke(System.Delegate, System.Object[])
bei ATI.ACE.AEM.Plugin.Source.Kit.Server.Common.WindowBasedFeeler.Close()
bei ATI.ACE.AEM.Plugin.Source.Kit.Server.EEU.PI_EEUPlugin.Stop()
bei ATI.ACE.AEM.Server.ACEEventManager.Stop()
bei ATI.ACE.CLI.Component.Runtime.Runtime.Cleanup()
bei ATI.ACE.CLI.Component.Runtime.Shared.Private.RTComponent.Destroy()
bei ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (07/05/2015 07:08:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ts3client_win64.exe, Version: 3.0.16.0, Zeitstempel: 0x53df8e89
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f0f20
ID des fehlerhaften Prozesses: 0xbd4
Startzeit der fehlerhaften Anwendung: 0xts3client_win64.exe0
Pfad der fehlerhaften Anwendung: ts3client_win64.exe1
Pfad des fehlerhaften Moduls: ts3client_win64.exe2
Berichtskennung: ts3client_win64.exe3
Vollständiger Name des fehlerhaften Pakets: ts3client_win64.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ts3client_win64.exe5
Error: (07/05/2015 07:07:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ts3client_win64.exe, Version: 3.0.16.0, Zeitstempel: 0x53df8e89
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f0f20
ID des fehlerhaften Prozesses: 0x1fb0
Startzeit der fehlerhaften Anwendung: 0xts3client_win64.exe0
Pfad der fehlerhaften Anwendung: ts3client_win64.exe1
Pfad des fehlerhaften Moduls: ts3client_win64.exe2
Berichtskennung: ts3client_win64.exe3
Vollständiger Name des fehlerhaften Pakets: ts3client_win64.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ts3client_win64.exe5
System errors:
=============
Error: (07/14/2015 04:16:42 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{CC9183EA-D6D0-4885-B542-2A53EDE52B6D}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (07/13/2015 07:06:52 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (07/13/2015 07:06:50 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (07/13/2015 04:29:25 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "VINZ" auf Transport "NetBT_Tcpip_{CC9183EA-D6D0-4885-B542-2A53EDE52B6D}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.
Error: (07/13/2015 10:07:24 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{CC9183EA-D6D0-4885-B542-2A53EDE52B6D}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (07/12/2015 03:35:31 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{CC9183EA-D6D0-4885-B542-2A53EDE52B6D}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (07/12/2015 12:59:16 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{CC9183EA-D6D0-4885-B542-2A53EDE52B6D}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (07/11/2015 11:34:31 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.
Error: (07/11/2015 06:24:24 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.
Error: (07/11/2015 12:16:04 AM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.
Microsoft Office:
=========================
Error: (07/15/2015 12:24:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Launcher.exe1.36.9165.21b1401d0be83a44114724294967295C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe142b1f63-2a77-11e5-8143-78e3b5b33225
Error: (07/15/2015 12:22:46 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: -2147024883
Error: (07/13/2015 10:41:56 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: CCC.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ObjectDisposedException
Stapel:
bei System.Windows.Forms.Control.MarshaledInvoke(System.Windows.Forms.Control, System.Delegate, System.Object[], Boolean)
bei System.Windows.Forms.Control.Invoke(System.Delegate, System.Object[])
bei ATI.ACE.AEM.Plugin.Source.Kit.Server.Common.WindowBasedFeeler.Close()
bei ATI.ACE.AEM.Plugin.Source.Kit.Server.EEU.PI_EEUPlugin.Stop()
bei ATI.ACE.AEM.Server.ACEEventManager.Stop()
bei ATI.ACE.CLI.Component.Runtime.Runtime.Cleanup()
bei ATI.ACE.CLI.Component.Runtime.Shared.Private.RTComponent.Destroy()
bei ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (07/09/2015 10:46:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TeamViewer_Service.exe10.0.43879.055829f6cTeamViewer_Service.exe10.0.43879.055829f6cc000040900315f73b6801d0ba88493e8356c:\users\vinzenz\appdata\local\temp\teamviewer\TeamViewer_Service.exec:\users\vinzenz\appdata\local\temp\teamviewer\TeamViewer_Service.exe9a005ea3-267b-11e5-8143-78e3b5b33225
Error: (07/09/2015 03:56:12 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: CCC.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ObjectDisposedException
Stapel:
bei System.Windows.Forms.Control.MarshaledInvoke(System.Windows.Forms.Control, System.Delegate, System.Object[], Boolean)
bei System.Windows.Forms.Control.Invoke(System.Delegate, System.Object[])
bei ATI.ACE.AEM.Plugin.Source.Kit.Server.Common.WindowBasedFeeler.Close()
bei ATI.ACE.AEM.Plugin.Source.Kit.Server.EEU.PI_EEUPlugin.Stop()
bei ATI.ACE.AEM.Server.ACEEventManager.Stop()
bei ATI.ACE.CLI.Component.Runtime.Runtime.Cleanup()
bei ATI.ACE.CLI.Component.Runtime.Shared.Private.RTComponent.Destroy()
bei ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (07/08/2015 01:35:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ts3client_win64.exe3.0.16.05f401d0b970c529498d4294967295C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe6e34da93-2565-11e5-8140-78e3b5b33225
Error: (07/08/2015 01:30:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17415bb001d0b970d1206a7c4294967295C:\WINDOWS\syswow64\wwahost.exec4f0723e-2564-11e5-8140-78e3b5b33225Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp
Error: (07/06/2015 06:19:56 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: CCC.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ComponentModel.InvalidAsynchronousStateException
Stapel:
bei System.Windows.Forms.Control.WaitForWaitHandle(System.Threading.WaitHandle)
bei System.Windows.Forms.Control.MarshaledInvoke(System.Windows.Forms.Control, System.Delegate, System.Object[], Boolean)
bei System.Windows.Forms.Control.Invoke(System.Delegate, System.Object[])
bei ATI.ACE.AEM.Plugin.Source.Kit.Server.Common.WindowBasedFeeler.Close()
bei ATI.ACE.AEM.Plugin.Source.Kit.Server.EEU.PI_EEUPlugin.Stop()
bei ATI.ACE.AEM.Server.ACEEventManager.Stop()
bei ATI.ACE.CLI.Component.Runtime.Runtime.Cleanup()
bei ATI.ACE.CLI.Component.Runtime.Shared.Private.RTComponent.Destroy()
bei ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (07/05/2015 07:08:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ts3client_win64.exe3.0.16.053df8e89ntdll.dll6.3.9600.17736550f4336c000037400000000000f0f20bd401d0b7451c0f79afC:\Program Files\TeamSpeak 3 Client\ts3client_win64.exeC:\WINDOWS\SYSTEM32\ntdll.dll6e099efd-2338-11e5-813f-78e3b5b33225
Error: (07/05/2015 07:07:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ts3client_win64.exe3.0.16.053df8e89ntdll.dll6.3.9600.17736550f4336c000037400000000000f0f201fb001d0b744f5a342c6C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exeC:\WINDOWS\SYSTEM32\ntdll.dll560431de-2338-11e5-813f-78e3b5b33225
CodeIntegrity Errors:
===================================
Date: 2014-05-01 18:21:56.577
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll that did not meet the Windows signing level requirements.
Date: 2014-05-01 18:21:56.433
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll that did not meet the Windows signing level requirements.
Date: 2014-04-30 06:36:11.434
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-04-30 06:36:11.356
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-04-30 06:35:07.186
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll that did not meet the Windows signing level requirements.
Date: 2014-04-30 06:35:07.123
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll that did not meet the Windows signing level requirements.
Date: 2014-04-30 06:32:57.878
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll that did not meet the Windows signing level requirements.
Date: 2014-04-30 06:32:57.816
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll that did not meet the Windows signing level requirements.
Date: 2014-04-29 22:10:21.487
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll that did not meet the Windows signing level requirements.
Date: 2014-04-29 22:10:21.377
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
Processor: AMD A10-5700 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 40%
Total physical RAM: 8087.52 MB
Available physical RAM: 4851.98 MB
Total Virtual: 9466.03 MB
Available Virtual: 4667.81 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:918.77 GB) (Free:832.86 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:10.92 GB) (Free:1.28 GB) NTFS ==>[system with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: CC70802D)
Partition: GPT Partition Type.
==================== End of log ============================
--- --- ---
Shortcut: Code:
Users shortcut scan result (x64) Version:13-07-2015
Ran by vinzenz at 2015-07-15 00:46:34
Running from C:\Users\vinzenz\Desktop
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser Choice.lnk -> C:\Windows\BrowserChoice\html\default.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk -> C:\Windows\Camera\Camera.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connected Music powered by Meridian.lnk -> C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe (Meridian Audio Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connected Music powered by Universal Music Group.lnk -> C:\Program Files (x86)\Connected Music powered by Universal Music Group\Connected Music powered by Universal Music Group.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk -> C:\Windows\FileManager\FileManager.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk -> C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk -> C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Writer.lnk -> C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe (Microsoft Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> C:\Program Files\TeamSpeak 3 Client\Uninstall.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Bluetooth Manager.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Create System Report.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLogReport.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\File Scan.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Immunization.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Rootkit Scan.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDRootAlyzer.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Spybot-S&D Start Center.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\System Scan.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Tray Icon (Live Protection).lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Uninstall Spybot-S&D.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection\Recovery Manager\PowerRecover.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection\Recovery Manager\Recovery Disc Creation.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\CDCreator.exe (CyberLink)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\CyberLink LabelPrint.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\LabelPrint.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\CyberLink Power2Go.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\Power2Go8.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\Desktop Burning Gadget.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\ISO Viewer.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\IsoViewer8.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\Virtual Drive.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Error Reporter.lnk -> C:\Program Files (x86)\Origin\OriginER.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Fehlermelder.lnk -> C:\Program Files (x86)\Origin\OriginER.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice Beta 4.1.0\OpenOffice Beta Base.lnk -> C:\Program Files (x86)\OpenOffice Beta 4\program\sbase.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice Beta 4.1.0\OpenOffice Beta Calc.lnk -> C:\Program Files (x86)\OpenOffice Beta 4\program\scalc.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice Beta 4.1.0\OpenOffice Beta Draw.lnk -> C:\Program Files (x86)\OpenOffice Beta 4\program\sdraw.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice Beta 4.1.0\OpenOffice Beta Impress.lnk -> C:\Program Files (x86)\OpenOffice Beta 4\program\simpress.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice Beta 4.1.0\OpenOffice Beta Math.lnk -> C:\Program Files (x86)\OpenOffice Beta 4\program\smath.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice Beta 4.1.0\OpenOffice Beta Writer.lnk -> C:\Program Files (x86)\OpenOffice Beta 4\program\swriter.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice Beta 4.1.0\OpenOffice Beta.lnk -> C:\Program Files (x86)\OpenOffice Beta 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\Beats Audio Control Panel.lnk -> C:\Windows\System32\IDTNC64.cpl (IDT, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\Connected Music powered by Meridian.lnk -> C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe (Meridian Audio Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink Media Suite.lnk -> C:\Program Files (x86)\CyberLink\Media Suite\PS.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink PhotoDirector.lnk -> C:\Program Files (x86)\CyberLink\PhotoDirector\PhotoDirector.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink PowerDirector 10.lnk -> C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink PowerDVD.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\HP Connected Remote.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteMgmtUI.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Visio 2010.lnk -> C:\Windows\Installer\{91140000-0057-0000-0000-0000000FF1CE}\visicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-Tools\Digitales Zertifikat für VBA-Projekte.lnk -> C:\Windows\Installer\{91140000-0057-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-Tools\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{91140000-0057-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-Tools\Microsoft Office 2010 Upload Center.lnk -> C:\Windows\Installer\{91140000-0057-0000-0000-0000000FF1CE}\msouc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-Tools\Microsoft Office 2010-Spracheinstellungen.lnk -> C:\Windows\Installer\{91140000-0057-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-Tools\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{91140000-0057-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware entfernen.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk -> C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC\HTC Sync Manager\HTC Sync Manager.lnk -> C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Support Assistant.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP support information.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Support Information\HPSysInfo.exe (Hewlett-Packard Development Company, L.P.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth\Bluetooth Assistant.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\BtAssist1.exe (TOSHIBA CORPORATION.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth\Bluetooth Information Exchanger.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtProc1.exe (TOSHIBA CORPORATION.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth\Bluetooth Settings.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\ECCenter1.exe (TOSHIBA CORPORATION.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth\Remote Camera.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\BIP_Camera1.exe (TOSHIBA CORPORATION.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth\User's Guide.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\UsrGuide.exe (TOSHIBA CORPORATION)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth\Wireless File Transfer.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\WirelessFTP1.exe (TOSHIBA CORPORATION.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield Hardline Beta\Battlefield Hardline Beta Endbenutzer-Lizenzvertrag.lnk -> C:\Program Files (x86)\Origin Games\BFH Beta 2\Support\eula\de_DE_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield Hardline Beta\Battlefield Hardline Beta.lnk -> C:\Program Files (x86)\Origin Games\BFH Beta 2\bfh.exe (Visceral Games)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield Hardline Beta\Kundendienst.lnk -> C:\Program Files (x86)\Origin Games\BFH Beta 2\Support\EA Help\Kundendienst.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Internet Explorer\Quick Launch\Spybot-S&D Start Center.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Internet Explorer\Quick Launch\System Scan.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Hewlett-Packard\Recovery\Links\RM.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\vinzenz\Documents ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\vinzenz\Pictures ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Battlefield Hardline.lnk -> C:\Program Files (x86)\Origin Games\BFH Beta 2\bfh.exe (Visceral Games)
Shortcut: C:\Users\Public\Desktop\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Public\Desktop\TeamViewer 10.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
Shortcut: C:\Users\vinzenz\Links\Desktop.lnk -> C:\Users\vinzenz\Desktop ()
Shortcut: C:\Users\vinzenz\Links\Downloads.lnk -> C:\Users\vinzenz\Downloads ()
Shortcut: C:\Users\vinzenz\Desktop\Revo Uninstaller.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group)
Shortcut: C:\Users\vinzenz\Desktop\Spiele\Starbound Update 7.1.lnk -> C:\Games\Starbound Update 7.1\win32\launcher\launcher.exe (Chucklefish LTD)
Shortcut: C:\Users\vinzenz\Desktop\OpenOffice\OpenOffice Beta 4.1.0.lnk -> C:\Program Files (x86)\OpenOffice Beta 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\Users\vinzenz\Desktop\KP\Connected Music powered by Universal Music Group.lnk -> C:\Program Files (x86)\Connected Music powered by Universal Music Group\Connected Music powered by Universal Music Group.exe ()
Shortcut: C:\Users\vinzenz\Desktop\KP\Connected Remote.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteMgmtUI.exe (Hewlett-Packard)
Shortcut: C:\Users\vinzenz\Desktop\KP\HP Support Assistant.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (Hewlett-Packard Company)
Shortcut: C:\Users\vinzenz\Desktop\KP\HTC Sync Manager.lnk -> C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe ()
Shortcut: C:\Users\vinzenz\Desktop\KP\Secure Download Manager.lnk -> C:\Users\vinzenz\AppData\Roaming\Microsoft\Installer\{C58626D6-7EBD-460D-8B6C-75B3C3464879}\_40BECA0F5E504B6A2498E3.exe ()
Shortcut: C:\Users\vinzenz\Desktop\KP\Spybot-S&D Start Center.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.)
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EverQuest II PSG.lnk -> C:\Users\Public\Sony Online Entertainment\Installed Games\EverQuest II PSG\LaunchPad.exe (Sony Online Entertainment)
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group)
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Uninstall.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe (VS Revo Group Ltd.)
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Website.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revo Uninstaller.url ()
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\Overwolf.lnk -> C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe ()
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\Uninstall Overwolf.lnk -> C:\Program Files (x86)\Overwolf\OWUninstaller.exe (Overwolf Ltd.)
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\Users\vinzenz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\vinzenz\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\vinzenz\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\vinzenz\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\vinzenz\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\vinzenz\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\vinzenz\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\vinzenz\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\vinzenz\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\vinzenz\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services\eBay.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=cndt&locale=de_de&bd=all&c=124
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\Snapfish Fotos.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_de
ShortcutWithArgument: C:\Users\vinzenz\Desktop\KP\eBay.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=de_de&bd=all&c=124
ShortcutWithArgument: C:\Users\vinzenz\Desktop\KP\Snapfish Fotos.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_de
ShortcutWithArgument: C:\Users\vinzenz\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-12238157240.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0xdd4b4f9c -pinnedTimeHigh 0x01ce57c7 -securityFlags 0x00000000 -url 0x00000022 hxxp://empire.goodgamestudios.com/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {80EE9168-BB59-4F87-BF1A-57C137EAF714} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC\HTC Sync Manager\Uninstall HTC Sync Manager.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {231D0C79-98A6-4693-A366-36DE7D7346EC}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC\HTC Driver\Uninstall HTC Driver.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {4CEEE5D0-F905-4688-B9F9-ECC710507796}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\WSG.lnk -> C:\SWSETUP\HP Documentation\eDocLauncher.exe (Hewlett-Packard) -> P004H7B2 WSG
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP User Manuals\OPS.lnk -> C:\SWSETUP\HP Documentation\eDocLauncher.exe (Hewlett-Packard) -> P004GZB2 OPS
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP User Manuals\SCG.lnk -> C:\SWSETUP\HP Documentation\eDocLauncher.exe (Hewlett-Packard) -> P004GZB2 SCG
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP User Manuals\SRI.lnk -> C:\SWSETUP\HP Documentation\eDocLauncher.exe (Hewlett-Packard) -> P004GZB2 SRI
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP User Manuals\TMG.lnk -> C:\SWSETUP\HP Documentation\eDocLauncher.exe (Hewlett-Packard) -> P004GZB2 TMG
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F-Secure\F-Secure Support Tool.lnk -> C:\Program Files (x86)\F-Secure\diagnostics\fsdiag.exe (F-Secure Corporation) -> /OPERATORID:666
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F-Secure\F-Secure.lnk -> C:\Program Files (x86)\F-Secure\trigger.exe (F-Secure Corporation) -> --open-launchpad --operator-id 666
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth\Add New Connection.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\ECCenter1.exe (TOSHIBA CORPORATION.) -> W /AUTOMODE
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Apps.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink) -> /ReinstallApp
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\DelRP.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink) -> /DelRP
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Driver.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink) -> /ReinstallDriver
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Report.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink) -> /RecoveryReport
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\RMC.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink) -> /CDCreator
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\F-Secure.lnk -> C:\Program Files (x86)\F-Secure\trigger.exe (F-Secure Corporation) -> --open-launchpad --operator-id 666
ShortcutWithArgument: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group) -> -hunter
ShortcutWithArgument: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) -> --sendto
ShortcutWithArgument: C:\Users\vinzenz\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\vinzenz\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\vinzenz\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\vinzenz\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\vinzenz\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\vinzenz\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\vinzenz\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\vinzenz\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\vinzenz\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\vinzenz\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\vinzenz\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\9176798760.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -pinnedSite -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0xfa4c8e98 -pinnedTimeHigh 0x01ce57c7 -securityFlags 0x00000000 -url 0x00000019 https://www.facebook.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> hxxp://support.steampowered.com/
InternetURL: C:\Users\Default\Favorites\Links\Amazon.de – online einkaufen.url -> hxxp://redirect.hp.com/svs/rdr?locale=de_de&c=124&bd=pavilion&tp=iefavbar&s=amazon&pf=cndt&TYPE=4
InternetURL: C:\Users\Default\Favorites\HP\Amazon.de – online einkaufen.url -> hxxp://redirect.hp.com/svs/rdr?locale=de_de&c=124&bd=pavilion&tp=iefavs&s=amazon&pf=cndt&TYPE=4
InternetURL: C:\Users\Default\Favorites\HP\eBay.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ebay&pf=cndt&locale=de_de&bd=all&c=124
InternetURL: C:\Users\Default\Favorites\HP\Snapfish Fotos.url -> hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_de
InternetURL: C:\Users\vinzenz\Favorites\Ausrüstung - vinz__1999 - Battlelog - BFH.url -> hxxp://battlelog.battlefield.com/bfh/de/loadout/vinz__1999/1059904435/pc/#overview
InternetURL: C:\Users\vinzenz\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\vinzenz\Favorites\Mail.Ru Агент - используй для общения!.url -> hxxp://agent.mail.ru
InternetURL: C:\Users\vinzenz\Favorites\Mail.Ru.url -> hxxp://www.mail.ru
InternetURL: C:\Users\vinzenz\Favorites\Links\Acer G236HLBbd 58,4 cm LED-Monitor schwarz Amazon.de Computer & Zubehör.url -> hxxp://www.amazon.de/Acer-G236HLBbd-LED-Monitor-Reaktionszeit-schwarz/dp/B007UIP71M/ref=sr_1_2?s=computers&ie=UTF8&qid=1412023836&sr=1-2&keywords=acer+lcd+monitor+g23#productDetails
InternetURL: C:\Users\vinzenz\Favorites\Links\Amazon.de – online einkaufen.url -> hxxp://redirect.hp.com/svs/rdr?locale=de_de&c=124&bd=pavilion&tp=iefavbar&s=amazon&pf=cndt&TYPE=4
InternetURL: C:\Users\vinzenz\Favorites\Links\Ausrüstung - vinz__1999 - Battlelog - BFH.url -> hxxp://battlelog.battlefield.com/bfh/de/loadout/vinz__1999/1059904435/pc/#overview
InternetURL: C:\Users\vinzenz\Favorites\Links\cg blacklist - Google Tabellen (2).url -> https://docs.google.com/spreadsheets/d/1L0Zagf5ysWpKKKoxIoYXRN2BUywMs2rhMTnJJAStADk/edit?pli=1#gid=495787340
InternetURL: C:\Users\vinzenz\Favorites\Links\cg blacklist - Google Tabellen.url -> https://docs.google.com/spreadsheets/d/1L0Zagf5ysWpKKKoxIoYXRN2BUywMs2rhMTnJJAStADk/edit?pli=1#gid=852652924
InternetURL: C:\Users\vinzenz\Favorites\Links\CG Channel Prozess-Verhalten - Google Docs.url -> https://docs.google.com/document/d/1uYuH7uZ4p8R4f0HgsfP9TV1q9VKZ_JXrbwbUfHeO5Gw/edit?pli=1
InternetURL: C:\Users\vinzenz\Favorites\Links\Desert Operations Kostenloses Strategisches Militär Browsergame.url -> hxxp://www.desert-operations.de/game.html
InternetURL: C:\Users\vinzenz\Favorites\Links\Empire - Leveln von RRB - Google Docs (2).url -> https://docs.google.com/spreadsheet/lv?key=0AtI4Tgeu50XzdENwbXg1WmNDcXdmLVlZZ1l1Z3c4YXc&toomany=true#gid=0
InternetURL: C:\Users\vinzenz\Favorites\Links\Empire - Leveln von RRB - Google Docs.url -> https://docs.google.com/spreadsheet/lv?key=0AtI4Tgeu50XzdENwbXg1WmNDcXdmLVlZZ1l1Z3c4YXc&toomany=true#gid=0
InternetURL: C:\Users\vinzenz\Favorites\Links\F.V.I. - Fata viam Invenient.url -> hxxp://fvi-fata-viam-invenient.npage.de/die-strukturen-und-mitgliedsallianzen.html
InternetURL: C:\Users\vinzenz\Favorites\Links\Schwip Schwap » Schwip Schwap-Connect - Mein Konto.url -> https://www.schwipschwap.de/meinkonto
InternetURL: C:\Users\vinzenz\Favorites\HP\Amazon.de – online einkaufen.url -> hxxp://redirect.hp.com/svs/rdr?locale=de_de&c=124&bd=pavilion&tp=iefavs&s=amazon&pf=cndt&TYPE=4
InternetURL: C:\Users\vinzenz\Favorites\HP\eBay.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ebay&pf=cndt&locale=de_de&bd=all&c=124
InternetURL: C:\Users\vinzenz\Favorites\HP\Snapfish Fotos.url -> hxxp://www.snapfish.com/hp_desktop_desktopicon_2012_de
InternetURL: C:\Users\vinzenz\Desktop\Spiele\Farming Simulator 15.url -> steam://rungameid/313160
InternetURL: C:\Users\vinzenz\Desktop\Spiele\Tom Clancy's Ghost Recon Phantoms - EU.url -> steam://rungameid/272350
InternetURL: C:\Users\vinzenz\Desktop\Spiele\War Thunder.url -> steam://rungameid/236390
InternetURL: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Farming Simulator 15.url -> steam://rungameid/313160
InternetURL: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Tom Clancy's Ghost Recon Phantoms - EU.url -> steam://rungameid/272350
InternetURL: C:\Users\vinzenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\War Thunder.url -> steam://rungameid/236390
==================== End of log =============================
|
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
TDSSKiller.exe und speichere diese Datei auf dem Desktop
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
