Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)

Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)


Plagegeister aller Art und deren Bekämpfung: Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 2 1 2
Alt 16.04.2014, 14:40   #1
PahaKeiju
 
Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare) - Standard

Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)


Hey,
nachdem ich in letzter Zeit öfter kleinere Probleme mit meinem Laptop hatte, habe ich mal auf Viren gescannt. Dabei ließ ich gestern zuerst eine schnelle Überprüfung mit Avast durchlaufen, wobei eine Datei gefunden wurde, die mit der Bedrohung "win32:Rootkit-gen" gekennzeichnet ist. Diese ließ ich von Avast löschen und führte beim Booten heute eine Startzeit-Überprüfung durch. Dabei fand Avast diverse als PUP oder AdWare gekennzeichnete Dateien:



Als ich der Sache im Internet ein bisschen auf den Grund ging, wie ich Infektionen am besten loswerde und in wiefern es sich dabei überhaupt um Infektionen handelt, bin ich auf dieses Forum gestoßen und hoffe, ihr könnt mir helfen (z.B. falls ein Logfile vom Avast-Scan benötigt wird? Ich habe keine Ahnung, wo ich diese finden würde...)

Dankeschön!

Alt 16.04.2014, 14:53   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare) - Standard

Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)


Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!



Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________
Alt 16.04.2014, 15:30   #3
PahaKeiju
 
Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare) - Standard

Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)


Leider keine anderen Scan-Logs verfügbar

FRST.txt:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-04-2014 01
Ran by Sofo (administrator) on ERNST on 16-04-2014 16:16:54
Running from C:\Users\Sofo\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\watchmi\TvdService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(X10) C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
() C:\Users\Sofo\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Dropbox, Inc.) C:\Users\Sofo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ZTE) C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\MCSERVER.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\dbus-daemon.exe
() C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\db_daemon.exe
(Dossin-Brade GbR) C:\Windows\SysWOW64\studnet\studnet.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Jasc Software, Inc.) C:\Program Files (x86)\Paint Shop Pro 6\Psp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXTranscode.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXTranscode.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2294568 2010-09-03] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-02-05] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10361616 2011-02-11] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-05-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2207848 2011-05-12] (Realtek Semiconductor)
HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [207400 2010-12-16] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2009-12-12] (Wistron Corp.)
HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [436264 2010-06-21] (Wistron Corp.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [606024 2013-09-19] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-27] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-858175047-2941235212-2736993675-1000\...\Run: [Advanced SystemCare 6] => C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [491840 2013-04-18] (IObit)
HKU\S-1-5-21-858175047-2941235212-2736993675-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-858175047-2941235212-2736993675-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Sofo\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-858175047-2941235212-2736993675-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
Startup: C:\Users\Sofo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sofo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {AC129BF9-68BF-4bc4-A1DC-ECB62712FF99} URL = hxxp://search.kikin.com/search/?q={searchTerms}
SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC8} URL = hxxp://search.icq.com/search/results.php?q=%s&ch_id=hm&search_mode=web
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: SaveSense - {0f21b1e5-5afc-43c9-9c66-515046e92ec2} - C:\Program Files (x86)\SaveSense\SaveSenseIE.dll (SaveSense)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin)
BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{86DD59FC-FF24-4A07-9C3E-C46AC9E7255C}: [NameServer]139.18.25.3,139.18.1.2

FireFox:
========
FF ProfilePath: C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default
FF user.js: detected! => C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\user.js
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @IObit.com/np_Asc_Plugin - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll (IObit)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=3 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=9 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Sofo\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\searchplugins\iminent.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Flash Video Downloader - Full HD Download - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\artur.dubovoy@gmail.com [2014-03-11]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\ascsurfingprotection@iobit.com [2013-05-04]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\ich@maltegoetz.de [2013-12-19]
FF Extension: EPUBReader - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2013-12-25]
FF Extension: SaveSense - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36} [2013-11-27]
FF Extension: Copy to Semagic - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\copytosemagic@semagic.sourceforge.net.xpi [2013-10-08]
FF Extension: Tumblr Savior - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\jid1-W5guVoyeUR0uBg@jetpack.xpi [2014-01-19]
FF Extension: BetterPrivacy - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2013-12-24]
FF Extension: Greasemonkey - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-01-19]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-02-10]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon [2013-05-17]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-01-10]

Chrome: 
=======
CHR HomePage: 
CHR DefaultSearchKeyword: twitter.com
CHR DefaultSearchProvider: Twitter
CHR DefaultSearchURL: hxxp://twitter.com/search?q={searchTerms}
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Sofo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2013-05-04]
CHR Extension: (DVDVideoSoft) - C:\Users\Sofo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-11-15]
CHR Extension: (Google Wallet) - C:\Users\Sofo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-12]
CHR Extension: (Citavi Picker) - C:\Users\Sofo\AppData\Local\Google\Chrome\User Data\Default\Extensions\piehhloihgjjiomhieeddiidpekaajio [2014-01-10]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-11-15]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx [2013-03-06]
CHR HKLM-x32\...\Chrome\Extension: [piehhloihgjjiomhieeddiidpekaajio] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Chrome\ChromePicker.crx [2014-01-10]

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-27] (AVAST Software)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-09-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-09-19] (BlueStack Systems, Inc.)
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-02-05] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-12-14] ()
S2 savesenselive; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920 2013-11-27] (SaveSense)
S3 savesenselivem; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920 2013-11-27] (SaveSense)
R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [62464 2010-12-06] ()
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2009-10-23] (Wistron Corp.)
R2 x10nets; C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe [20480 2009-11-07] (X10)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-11-27] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-11-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-11-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-27] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-11-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-27] ()
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-09-19] (BlueStack Systems)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 HSPADataCardusbmdm; C:\Windows\System32\DRIVERS\HSPADataCardusbmdm.sys [122752 2011-08-19] (HSPADataCard Incorporated)
S3 HSPADataCardusbnmea; C:\Windows\System32\DRIVERS\HSPADataCardusbnmea.sys [122752 2011-08-19] (HSPADataCard Incorporated)
S3 HSPADataCardusbser; C:\Windows\System32\DRIVERS\HSPADataCardusbser.sys [122752 2011-08-19] (HSPADataCard Incorporated)
S3 mod7764; C:\Windows\System32\DRIVERS\mod77-64.sys [1077416 2010-09-16] (DiBcom SA)
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-08-01] (OpenLibSys.org)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [15896 2009-05-13] (X10 Wireless Technology, Inc.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [32792 2009-05-13] (X10 Wireless Technology, Inc.)
S3 X6va008; \??\C:\Users\Sofo\AppData\Local\Temp\008E123.tmp [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-16 16:16 - 2014-04-16 16:18 - 00025508 _____ () C:\Users\Sofo\Desktop\FRST.txt
2014-04-16 16:16 - 2014-04-16 16:16 - 00000000 ____D () C:\FRST
2014-04-16 16:14 - 2014-04-16 16:15 - 02158080 _____ (Farbar) C:\Users\Sofo\Desktop\FRST64.exe
2014-04-14 11:00 - 2014-04-14 11:00 - 00000944 _____ () C:\Users\Public\Desktop\StudNET Login Client.lnk
2014-04-14 10:51 - 2014-04-16 15:03 - 00000280 _____ () C:\Windows\setupact.log
2014-04-14 10:51 - 2014-04-16 15:02 - 00002616 _____ () C:\Windows\PFRO.log
2014-04-14 10:51 - 2014-04-14 10:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-11 00:00 - 2014-04-11 00:00 - 00000000 _____ () C:\Windows\SysWOW64\shoBF81.tmp
2014-04-09 17:03 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 17:03 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 17:03 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 17:03 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 17:03 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 17:03 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 17:03 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 17:03 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 17:03 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 17:03 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 17:03 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 17:01 - 2014-03-08 06:54 - 17848832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 17:01 - 2014-03-08 06:06 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 17:01 - 2014-03-08 05:49 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 17:01 - 2014-03-08 05:41 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 17:01 - 2014-03-08 05:40 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 17:01 - 2014-03-08 05:39 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 17:01 - 2014-03-08 05:38 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-09 17:01 - 2014-03-08 05:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 17:01 - 2014-03-08 05:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-09 17:01 - 2014-03-08 05:34 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 17:01 - 2014-03-08 05:33 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 17:01 - 2014-03-08 05:32 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 17:01 - 2014-03-08 05:32 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 17:01 - 2014-03-08 05:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-09 17:01 - 2014-03-08 05:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 17:01 - 2014-03-08 05:24 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-09 17:01 - 2014-03-08 01:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-09 17:01 - 2014-03-08 01:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-09 17:01 - 2014-03-08 01:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-09 17:01 - 2014-03-08 01:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 17:01 - 2014-03-08 01:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-09 17:01 - 2014-03-08 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-09 17:01 - 2014-03-08 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-09 17:01 - 2014-03-08 00:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-09 17:01 - 2014-03-08 00:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-09 17:01 - 2014-03-08 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-09 17:01 - 2014-03-08 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-09 17:01 - 2014-03-08 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-09 17:01 - 2014-03-08 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-09 17:01 - 2014-03-08 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-09 17:01 - 2014-03-08 00:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-09 17:01 - 2014-03-08 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-08 20:24 - 2014-04-08 20:24 - 00993712 _____ () C:\Users\Sofo\Downloads\setup (2).exe
2014-04-07 21:40 - 2014-04-07 21:40 - 00000826 _____ () C:\Users\Sofo\Documents\qc_ons.xml
2014-04-03 13:13 - 2014-04-03 13:13 - 02444288 _____ () C:\Users\Sofo\Downloads\982013041P1T001.XLS
2014-04-01 21:27 - 2014-04-01 21:27 - 04968079 _____ (Tim Kosse) C:\Users\Sofo\Downloads\FileZilla_3.8.0_win32-setup.exe
2014-04-01 20:47 - 2014-04-01 20:47 - 00000000 ____D () C:\Users\Sofo\workspace
2014-04-01 20:45 - 2014-04-01 20:48 - 00000000 ____D () C:\Users\Sofo\.android
2014-04-01 20:20 - 2014-04-01 20:20 - 10468704 _____ (BlueStack Systems Inc.) C:\Users\Sofo\Downloads\BlueStacks-SplitInstaller_native.exe
2014-03-30 16:40 - 2014-03-30 16:40 - 00897024 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-03-30 16:40 - 2014-03-30 16:40 - 00098304 _____ () C:\Windows\system32\config\SAM.iobit
2014-03-30 16:40 - 2014-03-30 16:40 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-03-30 16:39 - 2014-03-30 16:40 - 84795392 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-03-29 14:00 - 2014-03-29 14:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-21 16:20 - 2014-03-21 16:20 - 00000000 _____ () C:\Windows\SysWOW64\sho1123.tmp
2014-03-19 13:51 - 2014-03-19 13:51 - 00016155 _____ () C:\Users\Sofo\Downloads\Gruppenübersicht GYM MS.xlsx

==================== One Month Modified Files and Folders =======

2014-04-16 16:18 - 2014-04-16 16:16 - 00025508 _____ () C:\Users\Sofo\Desktop\FRST.txt
2014-04-16 16:16 - 2014-04-16 16:16 - 00000000 ____D () C:\FRST
2014-04-16 16:15 - 2014-04-16 16:14 - 02158080 _____ (Farbar) C:\Users\Sofo\Desktop\FRST64.exe
2014-04-16 16:11 - 2013-11-27 01:06 - 00000928 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2014-04-16 16:11 - 2013-02-11 18:59 - 00000000 ____D () C:\Users\Sofo\AppData\Roaming\Skype
2014-04-16 16:09 - 2013-11-27 01:06 - 00000288 _____ () C:\Windows\Tasks\SaveSense.job
2014-04-16 16:09 - 2013-02-10 20:04 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-16 16:09 - 2013-02-10 20:01 - 01820005 _____ () C:\Windows\WindowsUpdate.log
2014-04-16 15:37 - 2013-02-11 19:29 - 00000000 ___RD () C:\Users\Sofo\Dropbox
2014-04-16 15:37 - 2013-02-11 19:28 - 00000000 ____D () C:\Users\Sofo\AppData\Roaming\Dropbox
2014-04-16 15:25 - 2013-04-03 13:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-16 15:12 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-16 15:12 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-16 15:09 - 2013-07-19 19:49 - 00047754 _____ () C:\autoupdate.log
2014-04-16 15:08 - 2013-02-10 23:55 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-16 15:03 - 2014-04-14 10:51 - 00000280 _____ () C:\Windows\setupact.log
2014-04-16 15:03 - 2013-11-27 01:06 - 00000924 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
2014-04-16 15:03 - 2013-02-10 20:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-16 15:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-16 15:02 - 2014-04-14 10:51 - 00002616 _____ () C:\Windows\PFRO.log
2014-04-16 02:06 - 2013-02-11 21:28 - 00000000 ____D () C:\Users\Sofo\AppData\Roaming\SoftGrid Client
2014-04-16 00:31 - 2013-02-11 19:15 - 00000000 ____D () C:\Studium
2014-04-15 15:56 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-14 11:00 - 2014-04-14 11:00 - 00000944 _____ () C:\Users\Public\Desktop\StudNET Login Client.lnk
2014-04-14 11:00 - 2013-11-25 00:05 - 00000048 _____ () C:\Users\Public\Desktop\StudNET Homepage.url
2014-04-14 11:00 - 2013-03-15 13:25 - 00684916 _____ () C:\Windows\unins000.exe
2014-04-14 11:00 - 2013-03-15 13:25 - 00339767 _____ () C:\Windows\unins000.dat
2014-04-14 10:51 - 2014-04-14 10:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-14 02:43 - 2014-02-18 21:11 - 00309248 ____H () C:\Users\Sofo\Desktop\~WRL0051.tmp
2014-04-13 20:33 - 2013-05-10 19:05 - 00000000 ____D () C:\Windows\Minidump
2014-04-13 20:33 - 2013-02-10 21:18 - 00000000 ___RD () C:\Users\Sofo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-13 20:29 - 2013-02-10 21:17 - 00000000 ____D () C:\Users\Sofo
2014-04-13 17:39 - 2014-02-18 21:11 - 00293376 ____H () C:\Users\Sofo\Desktop\~WRL0050.tmp
2014-04-11 00:00 - 2014-04-11 00:00 - 00000000 _____ () C:\Windows\SysWOW64\shoBF81.tmp
2014-04-09 23:49 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-09 18:01 - 2011-04-24 01:02 - 00700110 _____ () C:\Windows\system32\perfh007.dat
2014-04-09 18:01 - 2011-04-24 01:02 - 00149960 _____ () C:\Windows\system32\perfc007.dat
2014-04-09 18:01 - 2009-07-14 07:13 - 01622124 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-08 20:24 - 2014-04-08 20:24 - 00993712 _____ () C:\Users\Sofo\Downloads\setup (2).exe
2014-04-08 15:18 - 2013-02-10 21:19 - 00157760 _____ () C:\Users\Sofo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-07 21:53 - 2013-02-13 16:16 - 00000000 ____D () C:\Users\Sofo\AppData\Roaming\FileZilla
2014-04-07 21:48 - 2013-02-11 19:15 - 00000000 ____D () C:\Sub
2014-04-07 21:40 - 2014-04-07 21:40 - 00000826 _____ () C:\Users\Sofo\Documents\qc_ons.xml
2014-04-06 02:41 - 2013-11-28 00:15 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-04-06 02:39 - 2011-04-24 12:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-06 02:00 - 2014-02-18 21:11 - 00284160 ____H () C:\Users\Sofo\Desktop\~WRL0049.tmp
2014-04-05 04:24 - 2014-02-18 21:11 - 00284160 ____H () C:\Users\Sofo\Desktop\~WRL0048.tmp
2014-04-04 02:26 - 2014-02-18 21:11 - 00274944 ____H () C:\Users\Sofo\Desktop\~WRL0047.tmp
2014-04-03 13:13 - 2014-04-03 13:13 - 02444288 _____ () C:\Users\Sofo\Downloads\982013041P1T001.XLS
2014-04-02 18:04 - 2013-02-14 13:57 - 00000000 ____D () C:\Users\Sofo\AppData\Local\Last.fm
2014-04-01 21:28 - 2013-02-12 00:35 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-04-01 21:27 - 2014-04-01 21:27 - 04968079 _____ (Tim Kosse) C:\Users\Sofo\Downloads\FileZilla_3.8.0_win32-setup.exe
2014-04-01 20:48 - 2014-04-01 20:45 - 00000000 ____D () C:\Users\Sofo\.android
2014-04-01 20:47 - 2014-04-01 20:47 - 00000000 ____D () C:\Users\Sofo\workspace
2014-04-01 20:21 - 2013-11-20 12:33 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-04-01 20:20 - 2014-04-01 20:20 - 10468704 _____ (BlueStack Systems Inc.) C:\Users\Sofo\Downloads\BlueStacks-SplitInstaller_native.exe
2014-04-01 00:06 - 2013-12-18 21:06 - 00000138 _____ () C:\Users\Sofo\AppData\Roaming\WB.CFG
2014-03-31 03:39 - 2013-05-27 16:56 - 00000000 ____D () C:\Users\Uni\AppData\Roaming\SoftGrid Client
2014-03-31 02:17 - 2013-05-21 20:50 - 00157760 _____ () C:\Users\Uni\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-30 23:25 - 2014-02-18 21:11 - 00261120 ____H () C:\Users\Sofo\Desktop\~WRL1429.tmp
2014-03-30 16:40 - 2014-03-30 16:40 - 00897024 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-03-30 16:40 - 2014-03-30 16:40 - 00098304 _____ () C:\Windows\system32\config\SAM.iobit
2014-03-30 16:40 - 2014-03-30 16:40 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-03-30 16:40 - 2014-03-30 16:39 - 84795392 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-03-30 14:54 - 2013-02-11 12:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-30 02:02 - 2013-02-10 20:04 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-30 02:02 - 2013-02-10 20:04 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-29 14:00 - 2014-03-29 14:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-21 16:20 - 2014-03-21 16:20 - 00000000 _____ () C:\Windows\SysWOW64\sho1123.tmp
2014-03-19 13:51 - 2014-03-19 13:51 - 00016155 _____ () C:\Users\Sofo\Downloads\Gruppenübersicht GYM MS.xlsx
2014-03-19 12:58 - 2013-02-11 19:15 - 00000000 ____D () C:\Users\Sofo\Desktop\Spiele
2014-03-17 00:30 - 2014-02-18 21:11 - 00231424 ____H () C:\Users\Sofo\Desktop\~WRL2702.tmp

Some content of TEMP:
====================
C:\Users\Uni\AppData\Local\Temp\COMAP.EXE


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-16 19:50

==================== End Of Log ============================
--- --- ---



Und Addition.txt:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-04-2014 01
Ran by Sofo at 2014-04-16 16:20:45
Running from C:\Users\Sofo\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.5970 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Advanced SystemCare 6 (HKLM-x32\...\Advanced SystemCare 6_is1) (Version: 6.2 - IObit)
Aegisub 3.0.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.0.2 - Aegisub Team)
ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version:  - )
Alice Madness Returns (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
Amazon MP3-Downloader 1.0.18 (HKCU\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 9.23.0 - ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 8.3.2 - ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 3.12.0 - ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 3.4.1 - ashampoo GmbH & Co. KG)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.39 - Atheros Communications Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Audition Online (HKLM-x32\...\Audition Online1.2.6064) (Version: 1.2.6064 - Burda:ic)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2008 - Avast Software)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.18.921 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{87D0541E-7EB4-44AD-8A0D-D951152020C1}) (Version: 0.7.18.921 - BlueStack Systems, Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Chaos auf Deponia (HKLM-x32\...\Deponia 2) (Version: 1.0 - Daedalic Entertainment)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.2.0.11 - Swiss Academic Software)
congstar Internet-Manager (HKLM-x32\...\{27D28586-BEF1-4E06-8787-3B1FC3A41489}) (Version: 1.0.0.3 - ZTE CORPORATION)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{72DB27D3-FE05-4227-AF5A-11CD101ECF09}) (Version: 15.1.0.588 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.1.588 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.0 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.1.0.588 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (Version: 15.1.588 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1508_36229 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.1.2414 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.0.6904 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.0.6904 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4020 - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 8.0.4020 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2731.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.2731.02 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.3503 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.3503 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4013 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.1.4013 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Strokes - Die Sünden der Väter (HKLM-x32\...\Dark Strokes - Die Sünden der Väter) (Version:  - )
Deponia (HKLM-x32\...\Deponia) (Version: 1.1.5 - Daedalic Entertainment)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.50.56 - Electronic Arts)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Druckerdeinstallation für EPSON XP-205 207 Series (HKLM\...\EPSON XP-205 207 Series) (Version:  - SEIKO EPSON Corporation)
Edna Bricht Aus - Sammler Edition (HKLM-x32\...\EdnaSE) (Version: 1.2 - Daedalic Entertainment)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.0 - )
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Goodbye Deponia (HKLM-x32\...\Deponia 3) (Version: 1.0 - Daedalic Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Harveys neue Augen Special Edition (HKLM-x32\...\Harveys neue Augen Special Edition) (Version: 1.3 - Daedalic Entertainment)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.27.01 - Hyperionics Technology LLC)
ICQ 8.0 (build 5996, für aktuellen Benutzer) (HKCU\...\ICQ) (Version: 8.0.5996.0 - Mail.Ru)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2353 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{C7B40C35-85AE-4303-9EEA-1A1EA779664D}) (Version: 1.0.2.0518 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{794E5C90-96E5-4413-B3F5-C803205AE30C}) (Version: 14.0.3000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{25680C01-6753-4FE9-A891-7857F26457C1}) (Version: 2.1.35.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle)
Java(TM) 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle)
Java(TM) 7 Update 2 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417002FF}) (Version: 7.0.20 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
kikin plugin 2.10 (HKLM-x32\...\{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}) (Version: 2.10 - kikin)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Last.fm Scrobbler 2.1.33 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.3 - Wistron Corp.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Media converter (HKLM-x32\...\{729E16B3-1B80-4F3F-8D19-342A89631E0A}_is1) (Version:  - )
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2608 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2608 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MovieDownloader (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - 1clickmoviedownloader.com) <==== ATTENTION
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
No23 Recorder (x32 Version: 2.1.0.3 - No23) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Pošta Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6.1 - Project64)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 3.7 - Razer USA Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6334 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version:  - Atari)
SaveSense (HKCU\...\SaveSense) (Version:  - ) <==== ATTENTION
SaveSense (remove only) (HKLM-x32\...\SaveSense) (Version: 5.3.0.6 - SaveSense) <==== ATTENTION
SecureW2 EAP Suite 1.1.3 for Windows (HKLM-x32\...\SecureW2 EAP Suite) (Version:  - )
Semagic (remove only) (HKLM-x32\...\Semagic) (Version:  - )
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
StudNET Login Client (HKLM-x32\...\{A30EE8A6-6B9F-4973-B5ED-2A60B40576E4}_is1) (Version: 4.1 - Dossin-Brade GbR Leipzig)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.12.0 - Synaptics Incorporated)
TuxGuitar (HKLM-x32\...\{03534DA5-2F88-4B8E-A978-849B979E1B8F}) (Version: 1.2 - Herac)
UltraStar Deluxe (HKLM-x32\...\UltraStar Deluxe) (Version: 1.1 - USDX Team)
Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer.medionlap.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1) (Version: 0.9.511 - Deutsche Post AG)
Versandhelfer (x32 Version: 0.9.511 - Deutsche Post AG) Hidden
Violin Newbie 2011 Version 3.1 (HKLM-x32\...\{B29E9BAD-AE37-488F-AB89-064EE3CFB72A}_is1) (Version: 3.1 - Simon Rettenbacher)
VR-pulse Installer (HKLM\...\{E3725525-DE3E-48C1-9B81-D5FF1BFA23BC}) (Version: 1.4.0 - American Megatrends Inc.)
watchmi (HKLM-x32\...\{AA4D1C5E-116A-4FF4-AA91-28F526868203}) (Version: 2.5.0 - Axel Springer Digital TV Guide GmbH)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
X10 Hardware(TM) (HKLM-x32\...\X10Hardware) (Version:  - )

==================== Restore Points  =========================

12-03-2014 13:14:49 Windows Update
09-04-2014 15:00:19 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {3F5D9511-A7E3-4EB0-93B0-9F9EFE547514} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-27] (AVAST Software)
Task: {4548D5C2-EBFD-48C2-A100-8D65B15C9890} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [2013-06-05] ()
Task: {6387A3C6-25CE-46DA-801D-5ABE983F4727} - System32\Tasks\SaveSense => C:\Users\Sofo\AppData\Roaming\SaveSense\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {67CAA8E0-DC13-4C92-A4D8-1D6B7112134D} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2013-11-27] (SaveSense) <==== ATTENTION
Task: {840D8940-1B59-4C69-B481-9FC33240E4C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-10] (Google Inc.)
Task: {B6CEBE3E-E163-4148-97C5-0C7AAEE47556} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-10] (Google Inc.)
Task: {C8C02EA0-0B84-4244-A998-32E88015681C} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe [2013-04-08] (IObit)
Task: {ED279018-F564-450B-8B86-0847C12E1C4F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {FA926933-0C6F-478B-9FDB-58330A683798} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2013-11-27] (SaveSense) <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SaveSense.job => C:\Users\Sofo\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2011-02-05 00:42 - 2011-02-05 00:42 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-04-27 13:32 - 2010-12-14 11:39 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2010-12-06 13:52 - 2010-12-06 13:52 - 00062464 _____ () C:\Program Files (x86)\watchmi\TvdService.exe
2013-02-10 21:09 - 2013-02-10 21:09 - 00061952 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Remote\2.5.0.5__f722db7bec59a14b\Tvd.Remote.dll
2013-02-10 21:09 - 2013-02-10 21:09 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\FingerPrint\1.0.0.0__a62e68e935d72fa6\FingerPrint.dll
2013-02-10 21:09 - 2013-02-10 21:09 - 00078848 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Reporting\2.5.0.5__f722db7bec59a14b\Tvd.Reporting.dll
2013-02-10 21:09 - 2013-02-10 21:09 - 00148480 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Aprico\2.5.0.5__f722db7bec59a14b\Tvd.Aprico.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-11-13 22:53 - 2012-08-01 15:44 - 00139024 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\GBV3ContextMenu.dll
2013-03-06 13:58 - 2013-01-15 18:59 - 00161088 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCExtMenu_64.dll
2011-04-24 13:35 - 2011-04-04 19:18 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-02-05 00:42 - 2011-02-05 00:42 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2013-05-22 20:50 - 2013-05-22 20:50 - 00400704 _____ () C:\Users\Sofo\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2013-05-17 12:08 - 2011-11-07 10:52 - 00220944 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\dbus-daemon.exe
2013-05-17 12:08 - 2011-11-07 10:52 - 00036624 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\db_daemon.exe
2013-03-06 13:58 - 2013-01-15 18:47 - 00517440 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\sqlite3.dll
2014-04-16 15:14 - 2014-04-16 11:45 - 02213376 _____ () C:\Program Files\AVAST Software\Avast\defs\14041600\algo.dll
2013-03-06 13:58 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madExcept_.bpl
2013-03-06 13:58 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madBasic_.bpl
2013-03-06 13:58 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madDisAsm_.bpl
2013-03-06 13:58 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\webres.dll
2010-03-23 13:26 - 2010-03-23 13:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Sofo\AppData\Roaming\Dropbox\bin\libcef.dll
2013-11-27 01:14 - 2013-11-27 01:15 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-12 23:50 - 2014-02-12 23:50 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll
2011-04-24 12:58 - 2010-11-06 08:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-05-17 12:08 - 2011-05-06 05:03 - 00594944 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\dbus-1.dll
2013-05-17 12:08 - 2011-11-07 10:39 - 00099328 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\itapi.dll
2013-05-17 12:08 - 2011-11-07 10:38 - 00027136 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\log.dll
2013-05-17 12:08 - 2010-10-14 11:37 - 00971776 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\libxml2.dll
2013-05-17 12:09 - 2010-10-14 11:37 - 00080688 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\zlib1.dll
2013-05-17 12:08 - 2011-11-07 10:38 - 00055296 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\coder.dll
2013-05-17 12:08 - 2011-11-07 10:39 - 00043008 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\audio.dll
2013-05-17 12:08 - 2011-11-07 10:38 - 00035840 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\libConfig.dll
2013-05-17 12:08 - 2011-11-07 10:43 - 00020992 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\libctlsvr.dll
2013-05-17 12:08 - 2007-09-09 17:07 - 00151552 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\libexpat.dll
2013-05-17 12:09 - 2011-05-06 05:02 - 00341504 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\sqlite3.dll
2014-04-10 16:13 - 2014-04-02 03:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
2014-03-28 11:35 - 2014-03-28 11:35 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-04-10 16:13 - 2014-04-02 03:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
2014-04-10 16:13 - 2014-04-02 03:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll
2014-04-10 16:13 - 2014-04-02 03:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll
2014-04-10 16:13 - 2014-04-02 03:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
2014-04-10 16:13 - 2014-04-02 03:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
2014-04-10 16:13 - 2014-04-02 03:58 - 13691720 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll
2013-02-12 19:14 - 1999-08-13 07:00 - 00180224 _____ () C:\Program Files (x86)\Paint Shop Pro 6\JCMYK.dll
2013-02-12 19:14 - 1999-08-13 07:00 - 01703936 _____ () C:\Program Files (x86)\Paint Shop Pro 6\jff.dll
2013-02-12 19:14 - 1999-08-13 07:00 - 00332800 _____ () C:\Program Files (x86)\Paint Shop Pro 6\Fpxlib.dll
2013-02-12 19:14 - 1999-08-13 07:00 - 00122880 _____ () C:\Program Files (x86)\Paint Shop Pro 6\JPEGLib.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Dolby Home Theater v4 => "c:\program files (x86)\dolby home theater v4\pcee4.exe" -autostart
MSCONFIG\startupreg: icq => C:\Users\Sofo\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: msnmsgr => "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background

==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/16/2014 03:08:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2014 03:03:31 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/16/2014 03:03:31 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/16/2014 03:03:31 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0


System errors:
=============
Error: (04/16/2014 03:11:06 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update Service (gupdate)" wurde nicht richtig gestartet.

Error: (04/16/2014 03:06:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "watchmi service" wurde nicht richtig gestartet.

Error: (04/16/2014 03:06:25 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (04/15/2014 03:58:05 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (04/15/2014 03:58:05 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Multimediaklassenplaner" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (04/15/2014 03:58:05 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Computerbrowser" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (04/15/2014 03:56:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/15/2014 03:56:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/15/2014 03:56:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Designs" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/15/2014 03:56:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Shellhardwareerkennung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (04/16/2014 03:08:23 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2014 03:03:31 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path43900

Error: (04/16/2014 03:03:31 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path25900

Error: (04/16/2014 03:03:31 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path17900

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path43900

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path25900

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path17900

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path43900

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path25900

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path17900


==================== Memory info =========================== 

Percentage of memory in use: 78%
Total physical RAM: 4003.01 MB
Available physical RAM: 875.63 MB
Total Pagefile: 8004.2 MB
Available Pagefile: 3752.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:657.54 GB) (Free:404.25 GB) NTFS
Drive d: (Recover) (Fixed) (Total:37.99 GB) (Free:0.05 GB) NTFS
Drive g: () (Removable) (Total:3.71 GB) (Free:3.58 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=101 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=658 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
__________________
Alt 16.04.2014, 21:15   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare) - Standard

Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)


Avast wurde aber fündig. Bitte richtig nachsehen. Logs von Avast sollten hier sein => C:\ProgramData\Avast Software\Avast\Log
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 16.04.2014, 22:14   #5
PahaKeiju
 
Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare) - Standard

Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)


Danke, den Ordner habe ich partout nicht gefunden! Ich hoffe, das ist die richtige Logdatei:

Code:
ATTFilter
avast! Antirootkit, version 1.0
Scan started: Mittwoch, 16. April 2014 15:12:14

Process  [0] 
Process  [4] 
Process C:\Windows\System32\smss.exe [352] 
Process C:\Windows\System32\csrss.exe [556] 
Process C:\Windows\System32\csrss.exe [704] 
Process C:\Windows\System32\wininit.exe [712] 
Process C:\Windows\System32\winlogon.exe [760] 
Process C:\Windows\System32\services.exe [808] 
Process C:\Windows\System32\lsass.exe [816] 
Process C:\Windows\System32\lsm.exe [824] 
Process C:\Windows\System32\svchost.exe [920] 
Process C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [984] 
Process C:\Windows\System32\svchost.exe [460] 
Process C:\Windows\System32\svchost.exe [584] 
Process C:\Windows\System32\svchost.exe [620] 
Process C:\Windows\System32\svchost.exe [644] 
Process C:\Windows\System32\svchost.exe [660] 
Process C:\Windows\System32\audiodg.exe [1032] 
Process C:\Windows\System32\svchost.exe [1192] 
Process C:\Program Files\AVAST Software\Avast\AvastSvc.exe [1376] 
Process C:\Windows\System32\wlanext.exe [1384] 
Process C:\Windows\System32\conhost.exe [1392] 
Process C:\Windows\System32\taskeng.exe [1756] 
Process C:\Windows\System32\taskhost.exe [1764] 
Process C:\Windows\System32\spoolsv.exe [1784] 
Process C:\Windows\System32\svchost.exe [1860] 
Process C:\Windows\System32\taskeng.exe [1148] 
Process C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe [1316] 
Process C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [1480] 
Process C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2300] 
Process C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2404] 
Process C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2452] 
Process C:\Windows\System32\svchost.exe [2504] 
Process C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2536] 
Process C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2656] 
Process C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2740] 
Process C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2776] 
Process C:\Windows\System32\svchost.exe [2812] 
Process C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2932] 
Process C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2964] 
Process C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [3016] 
Process C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [732] 
Process C:\Windows\System32\svchost.exe [2572] 
Process C:\Program Files (x86)\watchmi\TvdService.exe [2996] 
Process C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [3160] 
Process C:\PROGRA~2\COMMON~1\X10\Common\X10nets.exe [3340] 
Process C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [3364] 
Process C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [3440] 
Process C:\Program Files (x86)\BlueStacks\HD-Service.exe [3480] 
Process C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [3636] 
Process C:\Program Files (x86)\BlueStacks\HD-Network.exe [3680] 
Process C:\Windows\System32\conhost.exe [3688] 
Process C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe [3732] 
Process C:\Windows\System32\conhost.exe [3740] 
Process C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe [3856] 
Process C:\Windows\System32\conhost.exe [3872] 
Process C:\Windows\System32\dwm.exe [3916] 
Process C:\Windows\explorer.exe [3960] 
Process C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [564] 
Process C:\Windows\System32\hkcmd.exe [3932] 
Process C:\Windows\System32\igfxpers.exe [3940] 
Process C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2464] 
Process C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4004] 
Process C:\Windows\System32\rundll32.exe [3204] 
Process C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [4104] 
Process C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [4260] 
Process C:\Program Files\Windows Sidebar\sidebar.exe [4292] 
Process C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [4388] 
Process C:\Windows\System32\StikyNot.exe [4400] 
Process C:\Users\Sofo\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [4528] 
Process C:\Program Files (x86)\Skype\Phone\Skype.exe [4612] 
Process C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe [4672] 
Process C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [4700] 
Process C:\Program Files (x86)\Launch Manager\OSD.exe [4764] 
Process C:\Program Files (x86)\Launch Manager\WButton.exe [4844] 
Process C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [4904] 
Process C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [4952] 
Process C:\Users\Sofo\AppData\Roaming\Dropbox\bin\Dropbox.exe [4984] 
Process C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe [5092] 
Process C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [3632] 
Process C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2632] 
Process C:\Program Files\AVAST Software\Avast\AvastUI.exe [4340] 
Process C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [5260] 
Process C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [5480] 
Process C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [5636] 
Process C:\Windows\System32\SearchIndexer.exe [5672] 
Process C:\Windows\System32\svchost.exe [5940] 
Process C:\Windows\servicing\TrustedInstaller.exe [5440] 
Process C:\Windows\System32\WUDFHost.exe [6008] 
Process C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [6056] 
Process C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [5256] 
Process C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe [4256] 
Process C:\Program Files\Windows Media Player\wmpnetwk.exe [6196] 
Process C:\Windows\System32\wbem\unsecapp.exe [6420] 
Process C:\Windows\System32\wbem\WmiPrvSE.exe [6452] 
Process C:\Windows\System32\wbem\unsecapp.exe [6108] 
Process C:\Windows\System32\SearchProtocolHost.exe [6892] 
Process C:\Windows\System32\svchost.exe [7100] 
Process C:\Windows\System32\dllhost.exe [6836] 
Process C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [5332] 
Process C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2128] 
Process C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [6696] 
Process C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [6020] 
Process C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [652] 
Process C:\Windows\System32\SearchFilterHost.exe [2972] 
Process C:\Windows\System32\wbem\WmiPrvSE.exe [3200] 
Process C:\Program Files (x86)\IObit\Advanced SystemCare 6\DelayLoad.exe [4012] 
Disk 0 MBR
Disk 0 default boot code
Service .NET CLR Data [???] 
Service .NET CLR Networking [???] 
Service .NET CLR Networking 4.0.0.0 [???] 
Service .NET Data Provider for Oracle [???] 
Service .NET Data Provider for SqlServer [???] 
Service .NET Memory Cache 4.0 [???] 
Service .NETFramework [???] 
Service 1394ohci [C:\Windows\system32\drivers\1394ohci.sys] 
Service ABBYY.Licensing.FineReader.Sprint.9.0 [C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe] 
Service ACPI [C:\Windows\system32\drivers\ACPI.sys] 
Service AcpiPmi [C:\Windows\system32\drivers\acpipmi.sys] 
Service AdobeARMservice [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe] 
Service AdobeFlashPlayerUpdateSvc [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] 
Service adp94xx [C:\Windows\system32\drivers\adp94xx.sys] 
Service adpahci [C:\Windows\system32\drivers\adpahci.sys] 
Service adpu320 [C:\Windows\system32\drivers\adpu320.sys] 
Service adsi [???] 
Service AdvancedSystemCareService6 [C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe] 
Service AeLookupSvc [C:\Windows\System32\aelupsvc.dll] 
Service AFD [C:\Windows\system32\drivers\afd.sys] 
Service agp440 [C:\Windows\system32\drivers\agp440.sys] 
Service ALG [C:\Windows\System32\alg.exe] 
Service aliide [C:\Windows\system32\drivers\aliide.sys] 
Service amdide [C:\Windows\system32\drivers\amdide.sys] 
Service AmdK8 [C:\Windows\system32\drivers\amdk8.sys] 
Service AmdPPM [C:\Windows\system32\drivers\amdppm.sys] 
Service amdsata [C:\Windows\system32\drivers\amdsata.sys] 
Service amdsbs [C:\Windows\system32\drivers\amdsbs.sys] 
Service amdxata [C:\Windows\system32\drivers\amdxata.sys] 
Service AppID [C:\Windows\system32\drivers\appid.sys] 
Service AppIDSvc [C:\Windows\System32\appidsvc.dll] 
Service Appinfo [C:\Windows\System32\appinfo.dll] 
Service arc [C:\Windows\system32\drivers\arc.sys] 
Service arcsas [C:\Windows\system32\drivers\arcsas.sys] 
Service ASP.NET [???] 
Service ASP.NET_4.0.30319 [???] 
Service aspnet_state [C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe] 
Service aswFsBlk [C:\Windows\system32\drivers\aswFsBlk.sys] 
Service aswMonFlt [C:\Windows\system32\drivers\aswMonFlt.sys] 
Service aswRdr [C:\Windows\system32\drivers\aswRdr2.sys] 
Service aswRvrt [C:\Windows\System32\Drivers\aswRvrt.sys] 
Service aswSnx [C:\Windows\system32\drivers\aswSnx.sys] 
Service aswSP [C:\Windows\system32\drivers\aswSP.sys] 
Service aswTdi [C:\Windows\system32\drivers\aswTdi.sys] 
Service aswVmm [C:\Windows\System32\Drivers\aswVmm.sys] 
Service AsyncMac [C:\Windows\system32\DRIVERS\asyncmac.sys] 
Service atapi [C:\Windows\system32\drivers\atapi.sys] 
Service AudioEndpointBuilder [C:\Windows\System32\Audiosrv.dll] 
Service AudioSrv [C:\Windows\System32\Audiosrv.dll] 
Service avast! Antivirus [C:\Program Files\AVAST Software\Avast\AvastSvc.exe] 
Service AxInstSV [C:\Windows\System32\AxInstSV.dll] 
Service b06bdrv [C:\Windows\system32\drivers\bxvbda.sys] 
Service b57nd60a [C:\Windows\system32\DRIVERS\b57nd60a.sys] 
Service BattC [???] 
Service BDESVC [C:\Windows\System32\bdesvc.dll] 
Service Beep [C:\Windows\System32\Drivers\Beep.sys] 
Service BFE [C:\Windows\System32\bfe.dll] 
Service BITS [C:\Windows\System32\qmgr.dll] 
Service blbdrive [C:\Windows\system32\drivers\blbdrive.sys] 
Service Bluetooth Device Monitor [C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe] 
Service Bluetooth Media Service [C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe] 
Service Bluetooth OBEX Service [C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe] 
Service BMLoad [C:\Windows\system32\drivers\BMLoad.sys] 
Service bowser [C:\Windows\system32\DRIVERS\bowser.sys] 
Service BrFiltLo [C:\Windows\system32\drivers\BrFiltLo.sys] 
Service BrFiltUp [C:\Windows\system32\drivers\BrFiltUp.sys] 
Service Browser [C:\Windows\System32\browser.dll] 
Service Brserid [C:\Windows\System32\Drivers\Brserid.sys] 
Service BrSerWdm [C:\Windows\System32\Drivers\BrSerWdm.sys] 
Service BrUsbMdm [C:\Windows\System32\Drivers\BrUsbMdm.sys] 
Service BrUsbSer [C:\Windows\System32\Drivers\BrUsbSer.sys] 
Service BstHdAndroidSvc [C:\Program Files (x86)\BlueStacks\HD-Service.exe] 
Service BstHdDrv [C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys] 
Service BstHdLogRotatorSvc [C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe] 
Service BthEnum [C:\Windows\system32\drivers\BthEnum.sys] 
Service BTHMODEM [C:\Windows\system32\DRIVERS\bthmodem.sys] 
Service BthPan [C:\Windows\system32\DRIVERS\bthpan.sys] 
Service BTHPORT [C:\Windows\System32\Drivers\BTHport.sys] 
Service bthserv [C:\Windows\system32\bthserv.dll] 
Service BTHUSB [C:\Windows\System32\Drivers\BTHUSB.sys] 
Service btmaux [C:\Windows\system32\DRIVERS\btmaux.sys] 
Service btmhsf [C:\Windows\system32\DRIVERS\btmhsf.sys] 
Service cdfs [C:\Windows\system32\DRIVERS\cdfs.sys] 
Service cdrom [C:\Windows\system32\DRIVERS\cdrom.sys] 
Service CertPropSvc [C:\Windows\System32\certprop.dll] 
Service circlass [C:\Windows\system32\drivers\circlass.sys] 
Service CLFS [C:\Windows\System32\CLFS.sys] 
Service clr_optimization_v2.0.50727_32 [C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe] 
Service clr_optimization_v2.0.50727_64 [C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe] 
Service clr_optimization_v4.0.30319_32 [C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe] 
Service clr_optimization_v4.0.30319_64 [C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe] 
Service clwvd [C:\Windows\system32\DRIVERS\clwvd.sys] 
Service CmBatt [C:\Windows\system32\drivers\CmBatt.sys] 
Service cmdide [C:\Windows\system32\drivers\cmdide.sys] 
Service CNG [C:\Windows\System32\Drivers\cng.sys] 
Service Compbatt [C:\Windows\system32\drivers\compbatt.sys] 
Service CompositeBus [C:\Windows\system32\drivers\CompositeBus.sys] 
Service COMSysApp [C:\Windows\system32\dllhost.exe] 
Service crcdisk [C:\Windows\system32\drivers\crcdisk.sys] 
Service crypt32 [???] 
Service CryptSvc [C:\Windows\system32\cryptsvc.dll] 
Service CscService [???] 
Service cvhsvc [C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE] 
Service CVirtA [C:\Windows\system32\DRIVERS\CVirtA64.sys] 
Service CVPND [C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe] 
Service CVPNDRVA [C:\Windows\system32\Drivers\CVPNDRVA.sys] 
Service DCLocator [???] 
Service DcomLaunch [C:\Windows\system32\rpcss.dll] 
Service defragsvc [C:\Windows\System32\defragsvc.dll] 
Service DfsC [C:\Windows\System32\Drivers\dfsc.sys] 
Service Dhcp [C:\Windows\system32\dhcpcore.dll] 
Service discache [C:\Windows\System32\drivers\discache.sys] 
Service Disk [C:\Windows\system32\drivers\disk.sys] 
Service DNE [C:\Windows\system32\DRIVERS\dne64x.sys] 
Service Dnscache [C:\Windows\System32\dnsrslvr.dll] 
Service dot3svc [C:\Windows\System32\dot3svc.dll] 
Service DPS [C:\Windows\system32\dps.dll] 
Service drmkaud [C:\Windows\system32\drivers\drmkaud.sys] 
Service DXGKrnl [C:\Windows\System32\drivers\dxgkrnl.sys] 
Service EapHost [C:\Windows\System32\eapsvc.dll] 
Service ebdrv [C:\Windows\system32\drivers\evbda.sys] 
Service EFS [C:\Windows\System32\lsass.exe] 
Service ehRecvr [C:\Windows\ehome\ehRecvr.exe] 
Service ehSched [C:\Windows\ehome\ehsched.exe] 
Service elxstor [C:\Windows\system32\drivers\elxstor.sys] 
Service EpsonScanSvc [C:\Windows\system32\EscSvc64.exe] 
Service EPSON_EB_RPCV4_04 [C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE] 
Service EPSON_PM_RPCV4_04 [C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE] 
Service ErrDev [C:\Windows\system32\drivers\errdev.sys] 
Service ESENT [???] 
Service eventlog [C:\Windows\System32\wevtsvc.dll] 
Service EventSystem [C:\Windows\system32\es.dll] 
Service EvtEng [C:\Program Files\Intel\WiFi\bin\EvtEng.exe] 
Service exfat [C:\Windows\System32\Drivers\exfat.sys] 
Service fastfat [C:\Windows\System32\Drivers\fastfat.sys] 
Service Fax [C:\Windows\system32\fxssvc.exe] 
Service fdc [C:\Windows\system32\drivers\fdc.sys] 
Service fdPHost [C:\Windows\system32\fdPHost.dll] 
Service FDResPub [C:\Windows\system32\fdrespub.dll] 
Service FileInfo [C:\Windows\system32\drivers\fileinfo.sys] 
Service Filetrace [C:\Windows\system32\drivers\filetrace.sys] 
Service flpydisk [C:\Windows\system32\drivers\flpydisk.sys] 
Service FltMgr [C:\Windows\system32\drivers\fltmgr.sys] 
Service FontCache [C:\Windows\system32\FntCache.dll] 
Service FontCache3.0.0.0 [C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe] 
Service FsDepends [C:\Windows\System32\drivers\FsDepends.sys] 
Service Fs_Rec [C:\Windows\System32\Drivers\Fs_Rec.sys] 
Service fvevol [C:\Windows\System32\DRIVERS\fvevol.sys] 
Service gagp30kx [C:\Windows\system32\drivers\gagp30kx.sys] 
Service gpsvc [C:\Windows\System32\gpsvc.dll] 
Service gupdate [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] 
Service gupdatem [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] 
Service hcw85cir [C:\Windows\system32\drivers\hcw85cir.sys] 
Service HdAudAddService [C:\Windows\system32\drivers\HdAudio.sys] 
Service HDAudBus [C:\Windows\system32\drivers\HDAudBus.sys] 
Service HidBatt [C:\Windows\system32\drivers\HidBatt.sys] 
Service HidBth [C:\Windows\system32\drivers\hidbth.sys] 
Service HidIr [C:\Windows\system32\drivers\hidir.sys] 
Service hidserv [C:\Windows\system32\hidserv.dll] 
Service HidUsb [C:\Windows\system32\drivers\hidusb.sys] 
Service hkmsvc [C:\Windows\system32\kmsvc.dll] 
Service HomeGroupListener [C:\Windows\system32\ListSvc.dll] 
Service HomeGroupProvider [C:\Windows\system32\provsvc.dll] 
Service HpSAMD [C:\Windows\system32\drivers\HpSAMD.sys] 
Service HSPADataCardusbmdm [C:\Windows\system32\DRIVERS\HSPADataCardusbmdm.sys] 
Service HSPADataCardusbnmea [C:\Windows\system32\DRIVERS\HSPADataCardusbnmea.sys] 
Service HSPADataCardusbser [C:\Windows\system32\DRIVERS\HSPADataCardusbser.sys] 
Service HTTP [C:\Windows\system32\drivers\HTTP.sys] 
Service hwpolicy [C:\Windows\System32\drivers\hwpolicy.sys] 
Service i8042prt [C:\Windows\system32\drivers\i8042prt.sys] 
Service ialm [???] 
Service iaStor [C:\Windows\system32\drivers\iaStor.sys] 
Service IAStorDataMgrSvc [C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe] 
Service iaStorV [C:\Windows\system32\drivers\iaStorV.sys] 
Service iBtFltCoex [C:\Windows\system32\DRIVERS\iBtFltCoex.sys] 
Service idsvc [C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe] 
Service igfx [C:\Windows\system32\DRIVERS\igdkmd64.sys] 
Service iirsp [C:\Windows\system32\drivers\iirsp.sys] 
Service IKEEXT [C:\Windows\System32\ikeext.dll] 
Service inetaccs [???] 
Service intaud_WaveExtensible [C:\Windows\system32\drivers\intelaud.sys] 
Service IntcAzAudAddService [C:\Windows\system32\drivers\RTKVHD64.sys] 
Service IntcDAud [C:\Windows\system32\DRIVERS\IntcDAud.sys] 
Service intelide [C:\Windows\system32\drivers\intelide.sys] 
Service intelppm [C:\Windows\system32\DRIVERS\intelppm.sys] 
Service IPBusEnum [C:\Windows\system32\ipbusenum.dll] 
Service IpFilterDriver [C:\Windows\system32\DRIVERS\ipfltdrv.sys] 
Service iphlpsvc [C:\Windows\System32\iphlpsvc.dll] 
Service IPMIDRV [C:\Windows\system32\drivers\IPMIDrv.sys] 
Service IPNAT [C:\Windows\System32\drivers\ipnat.sys] 
Service IRENUM [C:\Windows\system32\drivers\irenum.sys] 
Service isapnp [C:\Windows\system32\drivers\isapnp.sys] 
Service iScsiPrt [C:\Windows\system32\drivers\msiscsi.sys] 
Service iwdbus [C:\Windows\system32\drivers\iwdbus.sys] 
Service kbdclass [C:\Windows\system32\DRIVERS\kbdclass.sys] 
Service kbdhid [C:\Windows\system32\DRIVERS\kbdhid.sys] 
Service KeyIso [C:\Windows\system32\lsass.exe] 
Service KSecDD [C:\Windows\System32\Drivers\ksecdd.sys] 
Service KSecPkg [C:\Windows\System32\Drivers\ksecpkg.sys] 
Service ksthunk [C:\Windows\system32\drivers\ksthunk.sys] 
Service KtmRm [C:\Windows\system32\msdtckrm.dll] 
Service L1C [C:\Windows\system32\DRIVERS\L1C62x64.sys] 
Service LanmanServer [C:\Windows\system32\srvsvc.dll] 
Service LanmanWorkstation [C:\Windows\System32\wkssvc.dll] 
Service ldap [???] 
Service lltdio [C:\Windows\system32\DRIVERS\lltdio.sys] 
Service lltdsvc [C:\Windows\System32\lltdsvc.dll] 
Service lmhosts [C:\Windows\System32\lmhsvc.dll] 
Service LMS [C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe] 
Service Lsa [???] 
Service LSI_FC [C:\Windows\system32\drivers\lsi_fc.sys] 
Service LSI_SAS [C:\Windows\system32\drivers\lsi_sas.sys] 
Service LSI_SAS2 [C:\Windows\system32\drivers\lsi_sas2.sys] 
Service LSI_SCSI [C:\Windows\system32\drivers\lsi_scsi.sys] 
Service luafv [C:\Windows\system32\drivers\luafv.sys] 
Service massfilter [C:\Windows\system32\drivers\massfilter.sys] 
Service MAV Client PerfMon Provider [???] 
Service McComponentHostService [C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe] 
Service Mcx2Svc [C:\Windows\system32\Mcx2Svc.dll] 
Service megasas [C:\Windows\system32\drivers\megasas.sys] 
Service MegaSR [C:\Windows\system32\drivers\MegaSR.sys] 
Service MEIx64 [C:\Windows\system32\drivers\HECIx64.sys] 
Service MMCSS [C:\Windows\system32\mmcss.dll] 
Service mod7764 [C:\Windows\system32\DRIVERS\mod77-64.sys] 
Service Modem [C:\Windows\system32\drivers\modem.sys] 
Service monitor [C:\Windows\system32\DRIVERS\monitor.sys] 
Service mouclass [C:\Windows\system32\DRIVERS\mouclass.sys] 
Service mouhid [C:\Windows\system32\DRIVERS\mouhid.sys] 
Service mountmgr [C:\Windows\System32\drivers\mountmgr.sys] 
Service MozillaMaintenance [C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe] 
Service mpio [C:\Windows\system32\drivers\mpio.sys] 
Service mpsdrv [C:\Windows\System32\drivers\mpsdrv.sys] 
Service MpsSvc [C:\Windows\system32\mpssvc.dll] 
Service MRxDAV [C:\Windows\system32\drivers\mrxdav.sys] 
Service mrxsmb [C:\Windows\system32\DRIVERS\mrxsmb.sys] 
Service mrxsmb10 [C:\Windows\system32\DRIVERS\mrxsmb10.sys] 
Service mrxsmb20 [C:\Windows\system32\DRIVERS\mrxsmb20.sys] 
Service msahci [C:\Windows\system32\drivers\msahci.sys] 
Service msdsm [C:\Windows\system32\drivers\msdsm.sys] 
Service MSDTC [C:\Windows\System32\msdtc.exe] 
Service MSDTC Bridge 3.0.0.0 [???] 
Service MSDTC Bridge 4.0.0.0 [???] 
Service Msfs [C:\Windows\System32\Drivers\Msfs.sys] 
Service mshidkmdf [C:\Windows\System32\drivers\mshidkmdf.sys] 
Service msisadrv [C:\Windows\system32\drivers\msisadrv.sys] 
Service MSiSCSI [C:\Windows\system32\iscsiexe.dll] 
Service msiserver [C:\Windows\system32\msiexec.exe] 
Service MSKSSRV [C:\Windows\system32\drivers\MSKSSRV.sys] 
Service MSPCLOCK [C:\Windows\system32\drivers\MSPCLOCK.sys] 
Service MSPQM [C:\Windows\system32\drivers\MSPQM.sys] 
Service MsRPC [C:\Windows\System32\Drivers\MsRPC.sys] 
Service MSSCNTRS [???] 
Service mssmbios [C:\Windows\system32\drivers\mssmbios.sys] 
Service MSTEE [C:\Windows\system32\drivers\MSTEE.sys] 
Service MTConfig [C:\Windows\system32\drivers\MTConfig.sys] 
Service Mup [C:\Windows\System32\Drivers\mup.sys] 
Service MyWiFiDHCPDNS [C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe] 
Service napagent [C:\Windows\system32\qagentRT.dll] 
Service NativeWifiP [C:\Windows\system32\DRIVERS\nwifi.sys] 
Service NDIS [C:\Windows\system32\drivers\ndis.sys] 
Service NdisCap [C:\Windows\system32\DRIVERS\ndiscap.sys] 
Service NdisTapi [C:\Windows\system32\DRIVERS\ndistapi.sys] 
Service Ndisuio [C:\Windows\system32\DRIVERS\ndisuio.sys] 
Service NdisWan [C:\Windows\system32\DRIVERS\ndiswan.sys] 
Service NDProxy [C:\Windows\System32\Drivers\NDProxy.sys] 
Service NetBIOS [C:\Windows\system32\DRIVERS\netbios.sys] 
Service NetBT [C:\Windows\System32\DRIVERS\netbt.sys] 
Service Netlogon [C:\Windows\system32\lsass.exe] 
Service Netman [C:\Windows\System32\netman.dll] 
Service NetMsmqActivator [c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe] 
Service NetPipeActivator [c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe] 
Service netprofm [C:\Windows\System32\netprofm.dll] 
Service NetTcpActivator [c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe] 
Service NetTcpPortSharing [c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe] 
Service NETwNs64 [C:\Windows\system32\DRIVERS\NETwNs64.sys] 
Service nfrd960 [C:\Windows\system32\drivers\nfrd960.sys] 
Service NlaSvc [C:\Windows\System32\nlasvc.dll] 
Service Npfs [C:\Windows\System32\Drivers\Npfs.sys] 
Service nsi [C:\Windows\system32\nsisvc.dll] 
Service nsiproxy [C:\Windows\system32\drivers\nsiproxy.sys] 
Service NTDS [???] 
Service Ntfs [C:\Windows\System32\Drivers\Ntfs.sys] 
Service Null [C:\Windows\System32\Drivers\Null.sys] 
Service nusb3hub [C:\Windows\system32\drivers\nusb3hub.sys] 
Service nusb3xhc [C:\Windows\system32\drivers\nusb3xhc.sys] 
Service nvraid [C:\Windows\system32\drivers\nvraid.sys] 
Service nvstor [C:\Windows\system32\drivers\nvstor.sys] 
Service nv_agp [C:\Windows\system32\drivers\nv_agp.sys] 
Service ohci1394 [C:\Windows\system32\drivers\ohci1394.sys] 
Service ose [C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE] 
Service osppsvc [C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE] 
Service p2pimsvc [C:\Windows\system32\pnrpsvc.dll] 
Service p2psvc [C:\Windows\system32\p2psvc.dll] 
Service Parport [C:\Windows\system32\drivers\parport.sys] 
Service partmgr [C:\Windows\System32\drivers\partmgr.sys] 
Service PcaSvc [C:\Windows\System32\pcasvc.dll] 
Service pci [C:\Windows\system32\drivers\pci.sys] 
Service pciide [C:\Windows\system32\drivers\pciide.sys] 
Service pcmcia [C:\Windows\system32\drivers\pcmcia.sys] 
Service pcw [C:\Windows\System32\drivers\pcw.sys] 
Service PEAUTH [C:\Windows\system32\drivers\peauth.sys] 
Service PeerDistSvc [???] 
Service PerfDisk [???] 
Service PerfHost [C:\Windows\SysWow64\perfhost.exe] 
Service PerfNet [???] 
Service PerfOS [???] 
Service PerfProc [???] 
Service pla [C:\Windows\system32\pla.dll] 
Service PlugPlay [C:\Windows\system32\umpnpmgr.dll] 
Service PNRPAutoReg [C:\Windows\system32\pnrpauto.dll] 
Service PNRPsvc [C:\Windows\system32\pnrpsvc.dll] 
Service PolicyAgent [C:\Windows\System32\ipsecsvc.dll] 
Service PortProxy [???] 
Service Power [C:\Windows\system32\umpo.dll] 
Service PptpMiniport [C:\Windows\system32\DRIVERS\raspptp.sys] 
Service Processor [C:\Windows\system32\drivers\processr.sys] 
Service ProfSvc [C:\Windows\system32\profsvc.dll] 
Service ProtectedStorage [C:\Windows\system32\lsass.exe] 
Service Psched [C:\Windows\system32\DRIVERS\pacer.sys] 
Service PSI_SVC_2 [c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe] 
Service ql2300 [C:\Windows\system32\drivers\ql2300.sys] 
Service ql40xx [C:\Windows\system32\drivers\ql40xx.sys] 
Service QWAVE [C:\Windows\system32\qwave.dll] 
Service QWAVEdrv [C:\Windows\system32\drivers\qwavedrv.sys] 
Service RasAcd [C:\Windows\System32\DRIVERS\rasacd.sys] 
Service RasAgileVpn [C:\Windows\system32\DRIVERS\AgileVpn.sys] 
Service RasAuto [C:\Windows\System32\rasauto.dll] 
Service Rasl2tp [C:\Windows\system32\DRIVERS\rasl2tp.sys] 
Service RasMan [C:\Windows\System32\rasmans.dll] 
Service RasPppoe [C:\Windows\system32\DRIVERS\raspppoe.sys] 
Service RasSstp [C:\Windows\system32\DRIVERS\rassstp.sys] 
Service rdbss [C:\Windows\system32\DRIVERS\rdbss.sys] 
Service rdpbus [C:\Windows\system32\drivers\rdpbus.sys] 
Service RDPCDD [C:\Windows\System32\DRIVERS\RDPCDD.sys] 
Service RDPDD [???] 
Service RDPENCDD [C:\Windows\system32\drivers\rdpencdd.sys] 
Service RDPNP [???] 
Service RDPREFMP [C:\Windows\system32\drivers\rdprefmp.sys] 
Service RDPWD [C:\Windows\System32\Drivers\RDPWD.sys] 
Service rdyboost [C:\Windows\System32\drivers\rdyboost.sys] 
Service RegSrvc [C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe] 
Service RemoteAccess [C:\Windows\System32\mprdim.dll] 
Service RemoteRegistry [C:\Windows\system32\regsvc.dll] 
Service RFCOMM [C:\Windows\system32\DRIVERS\rfcomm.sys] 
Service RichVideo [C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe] 
Service RpcEptMapper [C:\Windows\System32\RpcEpMap.dll] 
Service RpcLocator [C:\Windows\system32\locator.exe] 
Service RpcSs [C:\Windows\system32\rpcss.dll] 
Service rspndr [C:\Windows\system32\DRIVERS\rspndr.sys] 
Service RSUSBVSTOR [C:\Windows\System32\Drivers\RtsUVStor.sys] 
Service SamSs [C:\Windows\system32\lsass.exe] 
Service savesenselive [C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe] 
Service savesenselivem [C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe] 
Service sbp2port [C:\Windows\system32\drivers\sbp2port.sys] 
Service SCardSvr [C:\Windows\System32\SCardSvr.dll] 
Service scfilter [C:\Windows\System32\DRIVERS\scfilter.sys] 
Service Schedule [C:\Windows\system32\schedsvc.dll] 
Service SCPolicySvc [C:\Windows\System32\certprop.dll] 
Service SDRSVC [C:\Windows\System32\SDRSVC.dll] 
Service secdrv [C:\Windows\System32\Drivers\secdrv.sys] 
Service seclogon [C:\Windows\system32\seclogon.dll] 
Service SENS [C:\Windows\System32\sens.dll] 
Service SensrSvc [C:\Windows\system32\sensrsvc.dll] 
Service Serenum [C:\Windows\system32\drivers\serenum.sys] 
Service Serial [C:\Windows\system32\drivers\serial.sys] 
Service sermouse [C:\Windows\system32\drivers\sermouse.sys] 
Service ServiceModelEndpoint 3.0.0.0 [???] 
Service ServiceModelOperation 3.0.0.0 [???] 
Service ServiceModelService 3.0.0.0 [???] 
Service SessionEnv [C:\Windows\system32\sessenv.dll] 
Service sffdisk [C:\Windows\system32\drivers\sffdisk.sys] 
Service sffp_mmc [C:\Windows\system32\drivers\sffp_mmc.sys] 
Service sffp_sd [C:\Windows\system32\drivers\sffp_sd.sys] 
Service sfloppy [C:\Windows\system32\drivers\sfloppy.sys] 
Service Sftfs [C:\Windows\system32\DRIVERS\Sftfslh.sys] 
Service sftlist [C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe] 
Service Sftplay [C:\Windows\system32\DRIVERS\Sftplaylh.sys] 
Service Sftredir [C:\Windows\system32\DRIVERS\Sftredirlh.sys] 
Service Sftvol [C:\Windows\system32\DRIVERS\Sftvollh.sys] 
Service sftvsa [C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe] 
Service SharedAccess [C:\Windows\System32\ipnathlp.dll] 
Service ShellHWDetection [C:\Windows\System32\shsvcs.dll] 
Service SiSRaid2 [C:\Windows\system32\drivers\SiSRaid2.sys] 
Service SiSRaid4 [C:\Windows\system32\drivers\sisraid4.sys] 
Service SkypeUpdate [C:\Program Files (x86)\Skype\Updater\Updater.exe] 
Service Smb [C:\Windows\system32\DRIVERS\smb.sys] 
Service SMSvcHost 3.0.0.0 [???] 
Service SMSvcHost 4.0.0.0 [???] 
Service SNMPTRAP [C:\Windows\System32\snmptrap.exe] 
Service spldr [C:\Windows\System32\Drivers\spldr.sys] 
Service Spooler [C:\Windows\System32\spoolsv.exe] 
Service sppsvc [C:\Windows\system32\sppsvc.exe] 
Service sppuinotify [C:\Windows\system32\sppuinotify.dll] 
Service srv [C:\Windows\System32\DRIVERS\srv.sys] 
Service srv2 [C:\Windows\System32\DRIVERS\srv2.sys] 
Service srvnet [C:\Windows\System32\DRIVERS\srvnet.sys] 
Service SSDPSRV [C:\Windows\System32\ssdpsrv.dll] 
Service SstpSvc [C:\Windows\system32\sstpsvc.dll] 
Service stexstor [C:\Windows\system32\drivers\stexstor.sys] 
Service stisvc [C:\Windows\System32\wiaservc.dll] 
Service swenum [C:\Windows\system32\drivers\swenum.sys] 
Service swprv [C:\Windows\System32\swprv.dll] 
Service SynTP [C:\Windows\system32\drivers\SynTP.sys] 
Service SysMain [C:\Windows\system32\sysmain.dll] 
Service TabletInputService [C:\Windows\System32\TabSvc.dll] 
Service TapiSrv [C:\Windows\System32\tapisrv.dll] 
Service TBS [C:\Windows\System32\tbssvc.dll] 
Service Tcpip [C:\Windows\System32\drivers\tcpip.sys] 
Service TCPIP6 [C:\Windows\system32\DRIVERS\tcpip.sys] 
Service TCPIP6TUNNEL [???] 
Service tcpipBM [C:\Windows\system32\drivers\tcpipBM.sys] 
Service tcpipreg [C:\Windows\System32\drivers\tcpipreg.sys] 
Service TCPIPTUNNEL [???] 
Service TDPIPE [C:\Windows\system32\drivers\tdpipe.sys] 
Service TDTCP [C:\Windows\system32\drivers\tdtcp.sys] 
Service tdx [C:\Windows\system32\DRIVERS\tdx.sys] 
Service TermDD [C:\Windows\system32\drivers\termdd.sys] 
Service TermService [C:\Windows\System32\termsrv.dll] 
Service Themes [C:\Windows\system32\themeservice.dll] 
Service THREADORDER [C:\Windows\system32\mmcss.dll] 
Service TrkWks [C:\Windows\System32\trkwks.dll] 
Service TrustedInstaller [C:\Windows\servicing\TrustedInstaller.exe] 
Service TSDDD [???] 
Service tssecsrv [C:\Windows\System32\DRIVERS\tssecsrv.sys] 
Service TsUsbFlt [C:\Windows\system32\drivers\tsusbflt.sys] 
Service TsUsbGD [C:\Windows\system32\drivers\TsUsbGD.sys] 
Service tunnel [C:\Windows\system32\DRIVERS\tunnel.sys] 
Service uagp35 [C:\Windows\system32\drivers\uagp35.sys] 
Service udfs [C:\Windows\system32\DRIVERS\udfs.sys] 
Service UGatherer [???] 
Service UGTHRSVC [???] 
Service UI0Detect [C:\Windows\system32\UI0Detect.exe] 
Service uliagpkx [C:\Windows\system32\drivers\uliagpkx.sys] 
Service umbus [C:\Windows\system32\DRIVERS\umbus.sys] 
Service UmPass [C:\Windows\system32\drivers\umpass.sys] 
Service UNS [C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe] 
Service upnphost [C:\Windows\System32\upnphost.dll] 
Service usbaudio [C:\Windows\system32\drivers\usbaudio.sys] 
Service usbccgp [C:\Windows\system32\DRIVERS\usbccgp.sys] 
Service usbcir [C:\Windows\system32\drivers\usbcir.sys] 
Service usbehci [C:\Windows\system32\drivers\usbehci.sys] 
Service usbhub [C:\Windows\system32\DRIVERS\usbhub.sys] 
Service usbohci [C:\Windows\system32\drivers\usbohci.sys] 
Service usbprint [C:\Windows\system32\DRIVERS\usbprint.sys] 
Service usbscan [C:\Windows\system32\drivers\usbscan.sys] 
Service USBSTOR [C:\Windows\system32\DRIVERS\USBSTOR.SYS] 
Service usbuhci [C:\Windows\system32\drivers\usbuhci.sys] 
Service usbvideo [C:\Windows\System32\Drivers\usbvideo.sys] 
Service UxSms [C:\Windows\System32\uxsms.dll] 
Service VaultSvc [C:\Windows\system32\lsass.exe] 
Service vdrvroot [C:\Windows\system32\drivers\vdrvroot.sys] 
Service vds [C:\Windows\System32\vds.exe] 
Service vga [C:\Windows\system32\DRIVERS\vgapnp.sys] 
Service VgaSave [C:\Windows\System32\drivers\vga.sys] 
Service vhdmp [C:\Windows\system32\drivers\vhdmp.sys] 
Service viaide [C:\Windows\system32\drivers\viaide.sys] 
Service volmgr [C:\Windows\system32\drivers\volmgr.sys] 
Service volmgrx [C:\Windows\System32\drivers\volmgrx.sys] 
Service volsnap [C:\Windows\system32\drivers\volsnap.sys] 
Service vsmraid [C:\Windows\system32\drivers\vsmraid.sys] 
Service VSS [C:\Windows\system32\vssvc.exe] 
Service vwifibus [C:\Windows\system32\DRIVERS\vwifibus.sys] 
Service vwififlt [C:\Windows\system32\DRIVERS\vwififlt.sys] 
Service vwifimp [C:\Windows\system32\DRIVERS\vwifimp.sys] 
Service W32Time [C:\Windows\system32\w32time.dll] 
Service W3SVC [???] 
Service WacomPen [C:\Windows\system32\drivers\wacompen.sys] 
Service WANARP [C:\Windows\system32\DRIVERS\wanarp.sys] 
Service Wanarpv6 [C:\Windows\system32\DRIVERS\wanarp.sys] 
Service watchmi [C:\Program Files (x86)\watchmi\TvdService.exe] 
Service wbengine [C:\Windows\system32\wbengine.exe] 
Service WbioSrvc [C:\Windows\System32\wbiosrvc.dll] 
Service wcncsvc [C:\Windows\System32\wcncsvc.dll] 
Service WcsPlugInService [C:\Windows\System32\WcsPlugInService.dll] 
Service Wd [C:\Windows\system32\drivers\wd.sys] 
Service Wdf01000 [C:\Windows\system32\drivers\Wdf01000.sys] 
Service WdiServiceHost [C:\Windows\system32\wdi.dll] 
Service WdiSystemHost [C:\Windows\system32\wdi.dll] 
Service wdkmd [C:\Windows\system32\DRIVERS\WDKMD.sys] 
Service WebClient [C:\Windows\System32\webclnt.dll] 
Service Wecsvc [C:\Windows\system32\wecsvc.dll] 
Service wercplsupport [C:\Windows\System32\wercplsupport.dll] 
Service WerSvc [C:\Windows\System32\WerSvc.dll] 
Service WfpLwf [C:\Windows\system32\DRIVERS\wfplwf.sys] 
Service WIMMount [C:\Windows\system32\drivers\wimmount.sys] 
Service WinDefend [C:\Program Files\Windows Defender\mpsvc.dll] 
Service Windows Workflow Foundation 3.0.0.0 [???] 
Service Windows Workflow Foundation 4.0.0.0 [???] 
Service WinHttpAutoProxySvc [C:\Windows\system32\winhttp.dll] 
Service Winmgmt [C:\Windows\system32\wbem\WMIsvc.dll] 
Service WinRing0_1_2_0 [C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys] 
Service WinRM [C:\Windows\system32\WsmSvc.dll] 
Service Winsock [C:\Windows\System32\Drivers\Winsock.sys] 
Service WinSock2 [???] 
Service WinUsb [C:\Windows\system32\DRIVERS\WinUsb.sys] 
Service WisLMSvc [C:\Program Files (x86)\Launch Manager\WisLMSvc.exe] 
Service Wlansvc [C:\Windows\System32\wlansvc.dll] 
Service wlidsvc [C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE] 
Service WmiAcpi [C:\Windows\system32\drivers\wmiacpi.sys] 
Service WmiApRpl [???] 
Service wmiApSrv [C:\Windows\system32\wbem\WmiApSrv.exe] 
Service WMPNetworkSvc [C:\Program Files\Windows Media Player\wmpnetwk.exe] 
Service WPCSvc [C:\Windows\System32\wpcsvc.dll] 
Service WPDBusEnum [C:\Windows\system32\wpdbusenum.dll] 
Service ws2ifsl [C:\Windows\system32\drivers\ws2ifsl.sys] 
Service wscsvc [C:\Windows\System32\wscsvc.dll] 
Service WSDPrintDevice [C:\Windows\system32\DRIVERS\WSDPrint.sys] 
Service WSearch [C:\Windows\system32\SearchIndexer.exe] 
Service WSearchIdxPi [???] 
Service wuauserv [C:\Windows\system32\wuaueng.dll] 
Service WudfPf [C:\Windows\system32\drivers\WudfPf.sys] 
Service WUDFRd [C:\Windows\system32\DRIVERS\WUDFRd.sys] 
Service wudfsvc [C:\Windows\System32\WUDFSvc.dll] 
Service WwanSvc [C:\Windows\System32\wwansvc.dll] 
Service X10Hid [C:\Windows\System32\Drivers\x10hid.sys] 
Service x10nets [C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe] 
Service X6va008 [C:\Users\Sofo\AppData\Local\Temp\008E123.tmp] 
Service xmlprov [???] 
Service XUIF [C:\Windows\System32\Drivers\x10ufx2.sys] 
Service {2C98CD9E-06C7-4B36-AC4B-6E3E3B0E020D} [???] 
Service {3B19E57C-CEFE-404C-B1D6-411A9CFF3BDC} [???] 
Service {86DD59FC-FF24-4A07-9C3E-C46AC9E7255C} [???] 
Service {B530E58C-F734-4EA0-B6EE-B2A13206738A} [???] 
Service {EB47A802-7194-47AF-9280-064BE5351453} [???] 
Service {F6AD2D82-7616-4A33-9B02-0FA0748370C6} [???] 

Scan finished: Mittwoch, 16. April 2014 15:14:31
Hidden files found: 0
Hidden registry items found: 0
Hidden processes found: 0
Hidden services found: 0
Hidden boot sectors found: 0


----------
Ansonsten fand ich noch diese Datei mit den entsprechenden Funden:

Code:
ATTFilter
04/16/2014 11:02
Prüfung aller lokalen Laufwerke

Datei C:\Backup My Data\Sofo\Downloads\Rammstein_-_Made_in_Germany_1995-2011_CD1_(2011).rar.part|>Rammstein - Made in Germany 1995-2011 CD1 (2011)\06 - Du riechst so gut.mp3 Fehler 42126 {RAR-Archiv ist beschädigt.}
Datei C:\Downloads\HC2Setup.exe|>$TEMP\BetterInstaller.exe ist infiziert von Win32:Somoto-B [PUP], In Container verschoben
Datei C:\Downloads\HC2Setup.exe ist infiziert von Win32:Somoto-J [PUP], In Container verschoben
Datei C:\Downloads\HC2Setup64.exe|>$TEMP\BetterInstaller.exe ist infiziert von Win32:Somoto-B [PUP], In Container verschoben
Datei C:\Downloads\HC2Setup64.exe ist infiziert von Win32:Somoto-J [PUP], In Container verschoben
Datei C:\Program Files (x86)\SaveSense\SaveSense.xpi|>content\savesense.xul ist infiziert von JS:SaveSense-A [Adw], In Container verschoben
Datei C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}\content\savesense.xul ist infiziert von JS:SaveSense-A [Adw], In Container verschoben
Datei C:\Users\Sofo\Downloads\FlashPlayersetup__3873_i315003136_il155.exe ist infiziert von Win32:Amonetize-Q [PUP], In Container verschoben
Datei C:\Users\Sofo\Downloads\V.a.-Bravo+The+Hits+2013.exe ist infiziert von Win32:InstalleRex-AI [PUP], Gelöscht
Datei C:\Users\Sofo\Downloads\microsoft_powerpoint_2010.exe ist infiziert von Win32:Oneclick-H [PUP], In Container verschoben
Datei C:\Users\Sofo\Downloads\7ZipSetup.exe|>$TEMP\biclient.exe ist infiziert von Win32:PUP-gen [PUP], In Container verschoben
Datei C:\Users\Sofo\Downloads\7ZipSetup.exe ist infiziert von Win32:Somoto-J [PUP], In Container verschoben
Datei C:\Users\Sofo\Downloads\83brVO.rar.part|>83brVO\Bravo Hits Vol. 83 (2013)\CD1\16 - Der letzte Blick.mp3 Fehler 42126 {RAR-Archiv ist beschädigt.}
Datei C:\Wiederhergestellt\Für Juju\Freizeit\2008.12.11_Plätzchen_backen_bei_Paul\wir 6.jpg|>avg_hu.lng Fehler 42127 {CAB-Archiv ist beschädigt.}
Datei C:\Wiederhergestellt\Für Juju\Freizeit\2009.01.24_Honigbrunnen\DSCI0055.JPG|>safeguard.exe Fehler 42127 {CAB-Archiv ist beschädigt.}
Datei C:\Wiederhergestellt\Unbekannter Ordner\42450_3.JPG|>avg_pb.lng Fehler 42127 {CAB-Archiv ist beschädigt.}
Datei D:\ERNST\Backup Set 2013-01-17 223049\Backup Files 2013-01-17 223049\Backup files 19.zip|>C\Users\Sofo\Downloads\Audition_Setup.exe|>%AppFolder%\ABM\eu0114.tbm Fehler 42145 {Installationsarchiv ist beschädigt.}
Datei D:\ERNST\Backup Set 2013-01-17 223049\Backup Files 2013-01-17 223049\Backup files 36.zip|>C\Users\Sofo\Downloads\Rammstein_-_Made_in_Germany_1995-2011_CD1_(2011).rar.part|>Rammstein - Made in Germany 1995-2011 CD1 (2011)\06 - Du riechst so gut.mp3 Fehler 42126 {RAR-Archiv ist beschädigt.}
Datei D:\ERNST\Backup Set 2013-01-17 223049\Backup Files 2013-01-17 223049\Backup files 7.zip|>C\Users\Sofo\Downloads\FreeDVDVideoConverter.exe|>{cf}\DVDVideoSoft\TB\ConduitInstaller.exe Fehler 42110 {Die Datei ist eine Archivbombe.}
Datei D:\ERNST\Backup Set 2013-01-17 223049\Backup Files 2013-01-17 223049\Backup files 7.zip|>C\Users\Sofo\Downloads\FreeDVDVideoConverter.exe Fehler 42110 {Die Datei ist eine Archivbombe.}
Datei D:\ERNST\Backup Set 2013-01-17 223049\Backup Files 2013-01-17 223049\Backup files 7.zip Fehler 42110 {Die Datei ist eine Archivbombe.}
Datei D:\ERNST\Backup Set 2013-01-17 223049\Backup Files 2013-01-17 223049\Backup files 74.zip|>C\Users\Sofo\Pictures\DCIM\DCIM.zip|>2012.08.25_Dortmund_mit_Ari_und_Lobo\DSC04005.JPG Fehler 42125 {ZIP-Archiv ist beschädigt.}
Datei D:\ERNST\Backup Set 2013-01-17 223049\Backup Files 2013-01-17 223049\Backup files 8.zip|>C\Users\Sofo\Downloads\winamp5621_full_emusic-7plus_de-de.exe Fehler 42110 {Die Datei ist eine Archivbombe.}
Datei D:\ERNST\Backup Set 2013-01-17 223049\Backup Files 2013-01-17 223049\Backup files 8.zip Fehler 42110 {Die Datei ist eine Archivbombe.}
Datei D:\ERNST\Backup Set 2013-01-17 223049\Backup Files 2013-01-17 223049\Backup files 83.zip|>C\Users\Sofo\Downloads\Eurovision Song Contest 2012.rar|>Eurovision Song Contest 2012\Eurovision Song Contest - Baku 2012- The Netherlands  - Joan Franka - You and me.mp3 Fehler 42126 {RAR-Archiv ist beschädigt.}
Datei D:\ERNST\Backup Set 2013-01-17 223049\Backup Files 2013-01-17 223049\Backup files 88.zip|>C\Users\Sofo\Downloads\Rammstein-Made_in_Germany_(1995-2011)-2CD-DE-2011-VOiCE.rar|>Rammstein-Made_in_Germany_(1995-2011)-2CD-DE-2011-VOiCE\211_rammstein_-_keine_list_(rmx_by_black_strobe).mp3 Fehler 42126 {RAR-Archiv ist beschädigt.}
Datei D:\ERNST\Backup Set 2013-01-17 223049\Backup Files 2013-01-17 223049\Backup files 67.zip|>C\Users\Sofo\Pictures\DSC02216.zip|>DSC02199.JPG Fehler 42125 {ZIP-Archiv ist beschädigt.}
Datei D:\ERNST\Backup Set 2013-01-17 223049\Backup Files 2013-01-27 224456\Backup files 5.zip|>C\Users\Sofo\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 ist infiziert von JS:Iframe-DCG [Trj], In Container verschoben
Datei D:\ERNST\Backup Set 2013-01-17 223049\Backup Files 2013-02-03 190009\Backup files 6.zip|>C\Users\Sofo\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 ist infiziert von JS:Iframe-DCG [Trj], In Container verschoben
Anzahl durchsuchter Ordner: 59401
Anzahl der geprüften Dateien: 1957540
Anzahl infizierter Dateien: 13


Alt 16.04.2014, 22:23   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare) - Standard

Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)


Kann es sein, dass du da ein wenig sorglos und wild irgendwelche Musik runterlädst aus unoffiziellen/illegalen Quellen? Das musst du einstellen wenn sonst muss man sich nicht beklagen, dass man früher oder später ein versifftes System hat.
__________________
--> Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)

Alt 16.04.2014, 22:35   #7
PahaKeiju
 
Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare) - Standard

Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)


Das ist mir schon klar, deswegen kommt es inzwischen ja auch nicht mehr vor.

Alt 16.04.2014, 22:54   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare) - Standard

Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)


Dann bitte jetzt Combofix ausführen:

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 17.04.2014, 00:26   #9
PahaKeiju
 
Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare) - Standard

Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)


Code:
ATTFilter
ComboFix 14-04-12.01 - Sofo 17.04.2014   0:51.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4003.1957 [GMT 2:00]
ausgeführt von:: c:\users\Sofo\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\kikin
c:\program files (x86)\kikin\default_settings.xml
c:\program files (x86)\kikin\file_list.txt
c:\program files (x86)\kikin\ie_kikin.dll
c:\program files (x86)\kikin\KikinBroker.exe
c:\program files (x86)\kikin\KikinCrashReporter.exe
c:\program files (x86)\kikin\uninst.exe
c:\program files (x86)\SaveSense
c:\program files (x86)\SaveSense\icon.ico
c:\program files (x86)\SaveSense\SaveSense.crx
c:\program files (x86)\SaveSense\SaveSense.xpi
c:\program files (x86)\SaveSense\SaveSenseIE.dll
c:\program files (x86)\SaveSense\SaveSenseIE64.dll
c:\program files (x86)\SaveSense\SaveSenseUpdateVer.exe
c:\program files (x86)\SaveSense\uninst.exe
c:\program files (x86)\SaveSenseLive
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdate.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_am.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ar.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_bg.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_bn.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ca.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_cs.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_da.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_de.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_el.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_en-GB.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_en.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_es-419.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_es.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_et.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_fa.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_fi.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_fil.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_fr.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_gu.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_hi.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_hr.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_hu.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_id.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_is.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_it.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_iw.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ja.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_kn.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ko.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_lt.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_lv.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ml.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_mr.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ms.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_nl.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_no.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_pl.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_pt-BR.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_pt-PT.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ro.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ru.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_sk.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_sl.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_sr.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_sv.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_sw.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ta.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_te.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_th.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_tr.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_uk.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ur.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_vi.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_zh-CN.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_zh-TW.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\psmachine.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\psuser.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLive.exe
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveBroker.exe
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveHandler.exe
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveHelper.msi
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveOnDemand.exe
c:\program files (x86)\SaveSenseLive\Update\SaveSenseLive.exe
c:\program files (x86)\SecureW2
c:\program files (x86)\SecureW2\Uninstall.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\TTLS Manager.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\Uninstall.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
c:\programdata\Roaming
c:\programdata\SaveSenseLive
c:\programdata\SaveSenseLive\Update\Log\SaveSenseLive.log
c:\users\Sofo\AppData\Local\TempDIR
c:\users\Sofo\AppData\Roaming\.#
c:\users\Sofo\AppData\Roaming\kikin
c:\users\Sofo\AppData\Roaming\kikin\ie_configuration.xml
c:\users\Sofo\AppData\Roaming\kikin\ie_kkes.xml
c:\users\Sofo\AppData\Roaming\kikin\ie_settings.xml
c:\users\Sofo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
c:\users\Sofo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense\SaveSense Help.url
c:\users\Sofo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense\SaveSense.url
c:\users\Sofo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense\Uninstall SaveSense.lnk
c:\users\Sofo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SecureW2
c:\users\Sofo\AppData\Roaming\SaveSense
c:\users\Sofo\AppData\Roaming\SaveSense\UpdateProc\config.dat
c:\users\Sofo\AppData\Roaming\SaveSense\UpdateProc\STTL.DAT
c:\users\Sofo\AppData\Roaming\SaveSense\UpdateProc\TTL.DAT
c:\users\Sofo\AppData\Roaming\SaveSense\UpdateProc\UpdateTask.exe
c:\windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe
c:\windows\security\Database\tmp.edb
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_savesenselive
-------\Service_savesenselivem
-------\Service_savesenselivem
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-03-16 bis 2014-04-16  ))))))))))))))))))))))))))))))
.
.
2014-04-16 16:21 . 2014-04-16 16:21	--------	d-----w-	c:\users\Sofo\AppData\Roaming\kSub
2014-04-16 16:21 . 2014-04-16 16:21	--------	d-----w-	c:\program files (x86)\kSub
2014-04-16 16:20 . 2014-04-16 16:24	--------	d-----w-	c:\program files (x86)\Combined Community Codec Pack
2014-04-16 14:16 . 2014-04-16 14:22	--------	d-----w-	C:\FRST
2014-04-10 22:00 . 2014-04-10 22:00	0	----a-w-	c:\windows\SysWow64\shoBF81.tmp
2014-04-09 15:03 . 2014-03-04 09:44	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2014-04-09 15:03 . 2014-03-04 09:17	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2014-04-09 15:03 . 2014-03-04 08:09	2048	----a-w-	c:\windows\SysWow64\user.exe
2014-04-09 15:03 . 2014-03-04 09:44	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2014-04-09 15:03 . 2014-03-04 09:16	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2014-04-09 15:03 . 2014-03-04 09:16	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2014-04-09 15:03 . 2014-03-04 08:09	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2014-04-09 15:03 . 2014-03-04 09:44	362496	----a-w-	c:\windows\system32\wow64win.dll
2014-04-09 15:03 . 2014-03-04 09:44	243712	----a-w-	c:\windows\system32\wow64.dll
2014-04-09 15:03 . 2014-03-04 09:44	1163264	----a-w-	c:\windows\system32\kernel32.dll
2014-04-01 18:47 . 2014-04-01 18:47	--------	d-----w-	c:\users\Sofo\workspace
2014-04-01 18:45 . 2014-04-01 18:48	--------	d-----w-	c:\users\Sofo\.android
2014-03-21 14:20 . 2014-03-21 14:20	0	----a-w-	c:\windows\SysWow64\sho1123.tmp
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-14 09:00 . 2013-03-15 11:25	684916	----a-w-	c:\windows\unins000.exe
2014-03-19 11:15 . 2013-11-26 23:49	578256	------w-	c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-03-12 21:25 . 2013-02-11 18:22	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-12 21:25 . 2013-02-11 18:22	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-04 09:17 . 2014-04-09 15:03	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2014-02-07 01:23 . 2014-03-12 13:17	3156480	----a-w-	c:\windows\system32\win32k.sys
2014-02-04 02:32 . 2014-03-12 13:15	624128	----a-w-	c:\windows\system32\qedit.dll
2014-02-04 02:04 . 2014-03-12 13:15	509440	----a-w-	c:\windows\SysWow64\qedit.dll
2014-01-29 22:58 . 2014-01-29 22:58	0	----a-w-	c:\windows\SysWow64\sho22D0.tmp
2014-01-29 02:32 . 2014-03-12 13:17	484864	----a-w-	c:\windows\system32\wer.dll
2014-01-29 02:06 . 2014-03-12 13:17	381440	----a-w-	c:\windows\SysWow64\wer.dll
2014-01-26 01:20 . 2014-01-26 01:20	0	----a-w-	c:\windows\SysWow64\shoC2FD.tmp
2014-01-23 17:52 . 2014-01-23 17:52	0	----a-w-	c:\windows\SysWow64\shoA317.tmp
2014-01-20 23:43 . 2014-01-20 23:43	0	----a-w-	c:\windows\SysWow64\shoFE4D.tmp
2014-01-20 00:31 . 2014-01-20 00:31	0	----a-w-	c:\windows\SysWow64\sho1104.tmp
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-12-04 15:54	294456	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-11-27 22:38	222832	----a-w-	c:\users\Sofo\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-11-27 22:38	222832	----a-w-	c:\users\Sofo\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-11-27 22:38	222832	----a-w-	c:\users\Sofo\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\Sofo\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\Sofo\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\Sofo\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840]
"AmazonMP3DownloaderHelper"="c:\users\Sofo\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe" [2013-05-22 400704]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HotkeyApp"="c:\program files (x86)\Launch Manager\HotkeyApp.exe" [2010-12-15 207400]
"LMgrVolOSD"="c:\program files (x86)\Launch Manager\OSD.exe" [2009-12-11 348960]
"Wbutton"="c:\program files (x86)\Launch Manager\Wbutton.exe" [2010-06-21 436264]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2010-08-03 107816]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2011-10-31 1058400]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2013-09-19 606024]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-11-26 3568312]
.
c:\users\Sofo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Sofo\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.141\SSScheduler.exe [2014-1-16 329944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 HSPADataCardusbmdm;HSPADataCard Proprietary USB Driver;c:\windows\system32\DRIVERS\HSPADataCardusbmdm.sys;c:\windows\SYSNATIVE\DRIVERS\HSPADataCardusbmdm.sys [x]
R3 HSPADataCardusbnmea;HSPADataCard NMEA Port;c:\windows\system32\DRIVERS\HSPADataCardusbnmea.sys;c:\windows\SYSNATIVE\DRIVERS\HSPADataCardusbnmea.sys [x]
R3 HSPADataCardusbser;HSPADataCard Diagnostic Port;c:\windows\system32\DRIVERS\HSPADataCardusbser.sys;c:\windows\SYSNATIVE\DRIVERS\HSPADataCardusbser.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe [x]
R3 mod7764;Tv Tuner device;c:\windows\system32\DRIVERS\mod77-64.sys;c:\windows\SYSNATIVE\DRIVERS\mod77-64.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 WisLMSvc;WisLMSvc;c:\program files (x86)\Launch Manager\WisLMSvc.exe;c:\program files (x86)\Launch Manager\WisLMSvc.exe [x]
R3 X6va008;X6va008;c:\users\Sofo\AppData\Local\Temp\008E123.tmp;c:\users\Sofo\AppData\Local\Temp\008E123.tmp [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 BMLoad;Bytemobile Boot Time Load Driver;c:\windows\system32\drivers\BMLoad.sys;c:\windows\SYSNATIVE\drivers\BMLoad.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [x]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 watchmi;watchmi service;c:\program files (x86)\watchmi\TvdService.exe;c:\program files (x86)\watchmi\TvdService.exe [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]
S3 X10Hid;X10 Hid Device;c:\windows\System32\Drivers\x10hid.sys;c:\windows\SYSNATIVE\Drivers\x10hid.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-10 14:08	1077576	----a-w-	c:\program files (x86)\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-04-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-11 21:25]
.
2014-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-10 18:04]
.
2014-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-10 18:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-12-04 15:54	357432	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-11-27 22:38	261744	----a-w-	c:\users\Sofo\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-11-27 22:38	261744	----a-w-	c:\users\Sofo\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-11-27 22:38	261744	----a-w-	c:\users\Sofo\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-26 23:15	326944	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Sofo\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Sofo\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Sofo\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Sofo\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-01-30 14:05	777032	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05	777032	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05	777032	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-01-30 14:05	777032	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-01-30 14:05	777032	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-01-30 14:05	777032	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-07 391000]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-07 418136]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-02-04 1933584]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-02-11 10361616]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-05-12 11785832]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-05-12 2207848]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.aldi.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Copy to Semagic - c:\program files (x86)\Semagic\copy.htm
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: Semagic - c:\program files (x86)\Semagic\link.htm
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files (x86)\kikin\ie_kikin.dll
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: Interfaces\{86DD59FC-FF24-4A07-9C3E-C46AC9E7255C}: NameServer = 139.18.25.3,139.18.1.2
FF - ProfilePath - c:\users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\
FF - prefs.js: browser.search.selectedEngine - 
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: extensions.iminent.tlbrSrchUrl - hxxp://start.iminent.com/?ref=toolbarm#q=
FF - user.js: extensions.iminent.id - be0ac506000000000000bc77371a5a82
FF - user.js: extensions.iminent.appId - {0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
FF - user.js: extensions.iminent.instlDay - 16035
FF - user.js: extensions.iminent.vrsn - 1.8.26.8
FF - user.js: extensions.iminent.vrsni - 1.8.26.8
FF - user.js: extensions.iminent.vrsnTs - 1.8.26.80:05
FF - user.js: extensions.iminent.prtnrId - iminent
FF - user.js: extensions.iminent.prdct - iminent
FF - user.js: extensions.iminent.aflt - orgnl
FF - user.js: extensions.iminent.smplGrp - none
FF - user.js: extensions.iminent.tlbrId - YBCPCSTIPO
FF - user.js: extensions.iminent.instlRef - 
FF - user.js: extensions.iminent.dfltLng - 
FF - user.js: extensions.iminent.excTlbr - false
FF - user.js: extensions.iminent.ffxUnstlRst - false
FF - user.js: extensions.iminent.admin - false
FF - user.js: extensions.iminent.autoRvrt - false
FF - user.js: extensions.iminent.rvrt - false
FF - user.js: extensions.iminent.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{0f21b1e5-5afc-43c9-9c66-515046e92ec2} - c:\program files (x86)\SaveSense\SaveSenseIE.dll
BHO-{E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files (x86)\kikin\ie_kikin.dll
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-1ClickDownload - c:\program files (x86)\1clickmoviedownloader.com\uninst.exe
AddRemove-ALDI SÜD Mah Jong - c:\windows\system32\Uninstall ALDI SÜD Mah Jong.exe
AddRemove-SaveSense - c:\program files (x86)\SaveSense\uninst.exe
AddRemove-SecureW2 EAP Suite - c:\program files (x86)\SecureW2\Uninstall.exe
AddRemove-{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA} - c:\program files (x86)\kikin\uninst.exe
AddRemove-SaveSense - c:\users\Sofo\AppData\Roaming\SaveSense\UpdateProc\UpdateTask.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\users\Sofo\AppData\Local\Temp\008E123.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-858175047-2941235212-2736993675-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-858175047-2941235212-2736993675-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe
c:\program files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\progra~2\COMMON~1\X10\Common\x10nets.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\CONGSTAR\INTERNET-MANAGER\BIN\MCSERVER.EXE
c:\program files (x86)\CONGSTAR\INTERNET-MANAGER\BIN\dbus-daemon.exe
c:\program files (x86)\CONGSTAR\INTERNET-MANAGER\BIN\db_daemon.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-04-17  01:22:27 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-04-16 23:22
.
Vor Suchlauf: 22 Verzeichnis(se), 475.594.960.896 Bytes frei
Nach Suchlauf: 26 Verzeichnis(se), 475.750.993.920 Bytes frei
.
- - End Of File - - 1EE8169C686D1AEB5B0045EBD02249D5

Alt 17.04.2014, 10:53   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare) - Standard

Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)


Adware/Junkware/Toolbars entfernen


Bevor du loslegst erst ein Backup deiner Browserprofile machen!
Firefox => https://support.mozilla.org/de/kb/fi...ederherstellen


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 17.04.2014, 13:14   #11
PahaKeiju
 
Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare) - Standard

Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)


1. Schritt:

Code:
ATTFilter
# AdwCleaner v3.023 - Bericht erstellt am 17/04/2014 um 13:38:14
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Sofo - ERNST
# Gestartet von : C:\Users\Sofo\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Program Files (x86)\Optimizer Pro
Ordner Gelöscht : C:\Users\Sofo\AppData\Local\cool_mirage
Ordner Gelöscht : C:\Users\Sofo\AppData\Local\SaveSenseLive
Ordner Gelöscht : C:\Users\Sofo\AppData\Roaming\dvdvideosoftiehelpers
Datei Gelöscht : C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\searchplugins\iminent.xml
Datei Gelöscht : C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\user.js
Datei Gelöscht : C:\Users\Sofo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IMinentToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IMinentToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\plus-hd-2_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\plus-hd-2_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E601996F-E400-41CA-804B-CD6373A7EEE2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AC129BF9-68BF-4BC4-A1DC-ECB62712FF99}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\SaveSenseLive
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Plus-HD-2.2
Schlüssel Gelöscht : HKLM\Software\DealPlyLive
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\Plus-HD-2.2
Schlüssel Gelöscht : HKLM\Software\SaveSenseLive
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16545


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.crossrider.bic", "14307d4b90f75a1daa276d4a67e088cd");
Zeile gelöscht : user_pref("extensions.fvd_single.surfcanyon.ramp.start_time", "1394108662365");
Zeile gelöscht : user_pref("extensions.iminent.admin", false);
Zeile gelöscht : user_pref("extensions.iminent.aflt", "orgnl");
Zeile gelöscht : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
Zeile gelöscht : user_pref("extensions.iminent.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.iminent.dfltLng", "");
Zeile gelöscht : user_pref("extensions.iminent.excTlbr", false);
Zeile gelöscht : user_pref("extensions.iminent.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.iminent.id", "be0ac506000000000000bc77371a5a82");
Zeile gelöscht : user_pref("extensions.iminent.instlDay", "16035");
Zeile gelöscht : user_pref("extensions.iminent.instlRef", "");
Zeile gelöscht : user_pref("extensions.iminent.newTab", false);
Zeile gelöscht : user_pref("extensions.iminent.prdct", "iminent");
Zeile gelöscht : user_pref("extensions.iminent.prtnrId", "iminent");
Zeile gelöscht : user_pref("extensions.iminent.rvrt", "false");
Zeile gelöscht : user_pref("extensions.iminent.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.iminent.tlbrId", "YBCPCSTIPO");
Zeile gelöscht : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
Zeile gelöscht : user_pref("extensions.iminent.vrsn", "1.8.26.8");
Zeile gelöscht : user_pref("extensions.iminent.vrsnTs", "1.8.26.80:05:17");
Zeile gelöscht : user_pref("extensions.iminent.vrsni", "1.8.26.8");
Zeile gelöscht : user_pref("iminent.LayoutId", "1");
Zeile gelöscht : user_pref("iminent.adapters", "{\"google\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":1,\"expireTime\":\"1385507109169257156\"},\"boerse\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":2,[...]
Zeile gelöscht : user_pref("iminent.enabledAds", "false");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent102", "1385507112709");
Zeile gelöscht : user_pref("iminent.version", "7.47.2.1");
Zeile gelöscht : user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.47.2.1\",\"InstallEventCTime\":1385507499657}");

[ Datei : C:\Users\Uni\AppData\Roaming\Mozilla\Firefox\Profiles\9c86wsg3.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.crossrider.bic", "14304e5bb4a7ab5413c58946b0a3d183");

-\\ Google Chrome v34.0.1847.116

[ Datei : C:\Users\Sofo\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8993 octets] - [17/04/2014 13:35:42]
AdwCleaner[S0].txt - [8513 octets] - [17/04/2014 13:38:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8573 octets] ##########


2. Schritt:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Sofo on 17.04.2014 at 13:44:41,89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}



~~~ Files

Successfully deleted: [File] C:\Windows\syswow64\sho1104.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho1123.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho14F9.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho1C89.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho22D0.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho699C.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho7994.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho7CB2.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho8099.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA317.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA377.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoB0DD.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoBF81.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoC2FD.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoF3F.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoFE4D.tmp



~~~ Folders



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Sofo\AppData\Roaming\mozilla\firefox\profiles\tlnv25tz.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}
Emptied folder: C:\Users\Sofo\AppData\Roaming\mozilla\firefox\profiles\tlnv25tz.default\minidumps [429 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.04.2014 at 14:02:37,16
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Und 3. Schritt:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-04-2014 01
Ran by Sofo (administrator) on ERNST on 17-04-2014 14:05:04
Running from C:\Users\Sofo\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Users\Sofo\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(Dropbox, Inc.) C:\Users\Sofo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(X10) C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Seiko Epson Corporation) C:\Windows\system32\EscSvc64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ZTE) C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\MCSERVER.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\dbus-daemon.exe
() C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\db_daemon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2294568 2010-09-03] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-02-05] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10361616 2011-02-11] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-05-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2207848 2011-05-12] (Realtek Semiconductor)
HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [207400 2010-12-16] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2009-12-12] (Wistron Corp.)
HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [436264 2010-06-21] (Wistron Corp.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [606024 2013-09-19] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-27] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-858175047-2941235212-2736993675-1000\...\Run: [Advanced SystemCare 6] => C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [491840 2013-04-18] (IObit)
HKU\S-1-5-21-858175047-2941235212-2736993675-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Sofo\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-858175047-2941235212-2736993675-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
Startup: C:\Users\Sofo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sofo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{86DD59FC-FF24-4A07-9C3E-C46AC9E7255C}: [NameServer]139.18.25.3,139.18.1.2

FireFox:
========
FF ProfilePath: C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @IObit.com/np_Asc_Plugin - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll (IObit)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Sofo\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Flash Video Downloader - Full HD Download - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\artur.dubovoy@gmail.com [2014-03-11]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\ascsurfingprotection@iobit.com [2013-05-04]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\ich@maltegoetz.de [2013-12-19]
FF Extension: EPUBReader - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2013-12-25]
FF Extension: Copy to Semagic - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\copytosemagic@semagic.sourceforge.net.xpi [2013-10-08]
FF Extension: Tumblr Savior - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\jid1-W5guVoyeUR0uBg@jetpack.xpi [2014-01-19]
FF Extension: BetterPrivacy - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2013-12-24]
FF Extension: Greasemonkey - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-01-19]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-02-10]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon [2013-05-17]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-01-10]

Chrome: 
=======
CHR HomePage: 
CHR DefaultSearchKeyword: twitter.com
CHR DefaultSearchProvider: Twitter
CHR DefaultSearchURL: hxxp://twitter.com/search?q={searchTerms}
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Sofo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2013-05-04]
CHR Extension: (DVDVideoSoft) - C:\Users\Sofo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-11-15]
CHR Extension: (Google Wallet) - C:\Users\Sofo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-12]
CHR Extension: (Citavi Picker) - C:\Users\Sofo\AppData\Local\Google\Chrome\User Data\Default\Extensions\piehhloihgjjiomhieeddiidpekaajio [2014-01-10]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-11-15]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx [2013-03-06]
CHR HKLM-x32\...\Chrome\Extension: [piehhloihgjjiomhieeddiidpekaajio] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Chrome\ChromePicker.crx [2014-01-10]

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-27] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-09-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-09-19] (BlueStack Systems, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-02-05] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-12-14] ()
S2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [62464 2010-12-06] ()
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2009-10-23] (Wistron Corp.)
R2 x10nets; C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe [20480 2009-11-07] (X10)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-11-27] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-11-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-11-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-27] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-11-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-27] ()
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-09-19] (BlueStack Systems)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 HSPADataCardusbmdm; C:\Windows\System32\DRIVERS\HSPADataCardusbmdm.sys [122752 2011-08-19] (HSPADataCard Incorporated)
S3 HSPADataCardusbnmea; C:\Windows\System32\DRIVERS\HSPADataCardusbnmea.sys [122752 2011-08-19] (HSPADataCard Incorporated)
S3 HSPADataCardusbser; C:\Windows\System32\DRIVERS\HSPADataCardusbser.sys [122752 2011-08-19] (HSPADataCard Incorporated)
S3 mod7764; C:\Windows\System32\DRIVERS\mod77-64.sys [1077416 2010-09-16] (DiBcom SA)
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-08-01] (OpenLibSys.org)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [15896 2009-05-13] (X10 Wireless Technology, Inc.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [32792 2009-05-13] (X10 Wireless Technology, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 X6va008; \??\C:\Users\Sofo\AppData\Local\Temp\008E123.tmp [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-17 14:02 - 2014-04-17 14:02 - 00002309 _____ () C:\Users\Sofo\Desktop\JRT.txt
2014-04-17 13:44 - 2014-04-17 13:44 - 00000000 ____D () C:\Windows\ERUNT
2014-04-17 13:35 - 2014-04-17 13:39 - 00000000 ____D () C:\AdwCleaner
2014-04-17 13:33 - 2014-04-17 13:34 - 01016261 _____ (Thisisu) C:\Users\Sofo\Desktop\JRT.exe
2014-04-17 13:33 - 2014-04-17 13:33 - 01426178 _____ () C:\Users\Sofo\Desktop\adwcleaner.exe
2014-04-17 13:32 - 2014-04-17 13:34 - 00000000 ____D () C:\User Data
2014-04-17 13:28 - 2014-04-17 13:28 - 00000000 ____D () C:\tlnv25tz.default
2014-04-17 01:22 - 2014-04-17 01:22 - 00042395 _____ () C:\ComboFix.txt
2014-04-17 00:46 - 2014-04-17 01:22 - 00000000 ____D () C:\ComboFix
2014-04-17 00:46 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-17 00:46 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-17 00:46 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-17 00:46 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-17 00:46 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-17 00:46 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-17 00:46 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-17 00:46 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-17 00:40 - 2014-04-17 01:22 - 00000000 ____D () C:\Qoobox
2014-04-17 00:39 - 2014-04-17 01:19 - 00000000 ____D () C:\Windows\erdnt
2014-04-17 00:20 - 2014-04-17 00:20 - 05194807 ____R (Swearware) C:\Users\Sofo\Desktop\ComboFix.exe
2014-04-16 18:21 - 2014-04-16 18:21 - 00000000 ____D () C:\Users\Sofo\AppData\Roaming\kSub
2014-04-16 18:21 - 2014-04-16 18:21 - 00000000 ____D () C:\Program Files (x86)\kSub
2014-04-16 18:20 - 2014-04-16 18:24 - 00000000 ____D () C:\Program Files (x86)\Combined Community Codec Pack
2014-04-16 18:19 - 2014-04-16 18:19 - 10189352 _____ (CCCP Project ) C:\Users\Sofo\Downloads\Combined-Community-Codec-Pack-2014-03-09.exe
2014-04-16 18:16 - 2014-04-16 18:16 - 00651052 _____ (Dako-kun ) C:\Users\Sofo\Downloads\kSub_Win32_Installer_2.4.1.0.exe
2014-04-16 16:20 - 2014-04-16 16:22 - 00039755 _____ () C:\Users\Sofo\Desktop\Addition.txt
2014-04-16 16:16 - 2014-04-17 14:05 - 00021910 _____ () C:\Users\Sofo\Desktop\FRST.txt
2014-04-16 16:16 - 2014-04-17 14:05 - 00000000 ____D () C:\FRST
2014-04-16 16:14 - 2014-04-16 16:15 - 02158080 _____ (Farbar) C:\Users\Sofo\Desktop\FRST64.exe
2014-04-14 11:00 - 2014-04-17 01:24 - 00000944 _____ () C:\Users\Public\Desktop\StudNET Login Client.lnk
2014-04-14 10:51 - 2014-04-17 13:40 - 00000504 _____ () C:\Windows\setupact.log
2014-04-14 10:51 - 2014-04-17 01:11 - 00004178 _____ () C:\Windows\PFRO.log
2014-04-14 10:51 - 2014-04-14 10:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-09 17:03 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 17:03 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 17:03 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 17:03 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 17:03 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 17:03 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 17:03 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 17:03 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 17:03 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 17:03 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 17:03 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 17:01 - 2014-03-08 06:54 - 17848832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 17:01 - 2014-03-08 06:06 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 17:01 - 2014-03-08 05:49 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 17:01 - 2014-03-08 05:41 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 17:01 - 2014-03-08 05:40 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 17:01 - 2014-03-08 05:39 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 17:01 - 2014-03-08 05:38 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-09 17:01 - 2014-03-08 05:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 17:01 - 2014-03-08 05:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-09 17:01 - 2014-03-08 05:34 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 17:01 - 2014-03-08 05:33 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 17:01 - 2014-03-08 05:32 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 17:01 - 2014-03-08 05:32 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 17:01 - 2014-03-08 05:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-09 17:01 - 2014-03-08 05:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 17:01 - 2014-03-08 05:24 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-09 17:01 - 2014-03-08 01:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-09 17:01 - 2014-03-08 01:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-09 17:01 - 2014-03-08 01:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-09 17:01 - 2014-03-08 01:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 17:01 - 2014-03-08 01:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-09 17:01 - 2014-03-08 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-09 17:01 - 2014-03-08 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-09 17:01 - 2014-03-08 00:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-09 17:01 - 2014-03-08 00:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-09 17:01 - 2014-03-08 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-09 17:01 - 2014-03-08 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-09 17:01 - 2014-03-08 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-09 17:01 - 2014-03-08 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-09 17:01 - 2014-03-08 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-09 17:01 - 2014-03-08 00:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-09 17:01 - 2014-03-08 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-08 20:24 - 2014-04-08 20:24 - 00993712 _____ () C:\Users\Sofo\Downloads\setup (2).exe
2014-04-07 21:40 - 2014-04-07 21:40 - 00000826 _____ () C:\Users\Sofo\Documents\qc_ons.xml
2014-04-03 13:13 - 2014-04-03 13:13 - 02444288 _____ () C:\Users\Sofo\Downloads\982013041P1T001.XLS
2014-04-01 21:27 - 2014-04-01 21:27 - 04968079 _____ (Tim Kosse) C:\Users\Sofo\Downloads\FileZilla_3.8.0_win32-setup.exe
2014-04-01 20:47 - 2014-04-01 20:47 - 00000000 ____D () C:\Users\Sofo\workspace
2014-04-01 20:45 - 2014-04-01 20:48 - 00000000 ____D () C:\Users\Sofo\.android
2014-04-01 20:20 - 2014-04-01 20:20 - 10468704 _____ (BlueStack Systems Inc.) C:\Users\Sofo\Downloads\BlueStacks-SplitInstaller_native.exe
2014-03-30 16:40 - 2014-03-30 16:40 - 00897024 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-03-30 16:40 - 2014-03-30 16:40 - 00098304 _____ () C:\Windows\system32\config\SAM.iobit
2014-03-30 16:40 - 2014-03-30 16:40 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-03-30 16:39 - 2014-03-30 16:40 - 84795392 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-03-29 14:00 - 2014-03-29 14:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-19 13:51 - 2014-03-19 13:51 - 00016155 _____ () C:\Users\Sofo\Downloads\Gruppenübersicht GYM MS.xlsx

==================== One Month Modified Files and Folders =======

2014-04-17 14:05 - 2014-04-16 16:16 - 00021910 _____ () C:\Users\Sofo\Desktop\FRST.txt
2014-04-17 14:05 - 2014-04-16 16:16 - 00000000 ____D () C:\FRST
2014-04-17 14:02 - 2014-04-17 14:02 - 00002309 _____ () C:\Users\Sofo\Desktop\JRT.txt
2014-04-17 14:02 - 2013-02-11 18:59 - 00000000 ____D () C:\Users\Sofo\AppData\Roaming\Skype
2014-04-17 13:50 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-17 13:50 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-17 13:44 - 2014-04-17 13:44 - 00000000 ____D () C:\Windows\ERUNT
2014-04-17 13:44 - 2013-02-10 23:55 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-17 13:42 - 2013-02-11 19:28 - 00000000 ____D () C:\Users\Sofo\AppData\Roaming\Dropbox
2014-04-17 13:41 - 2013-07-19 19:49 - 00048195 _____ () C:\autoupdate.log
2014-04-17 13:41 - 2013-02-10 20:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-17 13:40 - 2014-04-14 10:51 - 00000504 _____ () C:\Windows\setupact.log
2014-04-17 13:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-17 13:39 - 2014-04-17 13:35 - 00000000 ____D () C:\AdwCleaner
2014-04-17 13:39 - 2013-02-10 20:01 - 01839344 _____ () C:\Windows\WindowsUpdate.log
2014-04-17 13:34 - 2014-04-17 13:33 - 01016261 _____ (Thisisu) C:\Users\Sofo\Desktop\JRT.exe
2014-04-17 13:34 - 2014-04-17 13:32 - 00000000 ____D () C:\User Data
2014-04-17 13:33 - 2014-04-17 13:33 - 01426178 _____ () C:\Users\Sofo\Desktop\adwcleaner.exe
2014-04-17 13:28 - 2014-04-17 13:28 - 00000000 ____D () C:\tlnv25tz.default
2014-04-17 13:25 - 2013-04-03 13:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-17 13:07 - 2013-02-10 20:04 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-17 13:03 - 2013-02-11 19:29 - 00000000 ___RD () C:\Users\Sofo\Dropbox
2014-04-17 01:24 - 2014-04-14 11:00 - 00000944 _____ () C:\Users\Public\Desktop\StudNET Login Client.lnk
2014-04-17 01:22 - 2014-04-17 01:22 - 00042395 _____ () C:\ComboFix.txt
2014-04-17 01:22 - 2014-04-17 00:46 - 00000000 ____D () C:\ComboFix
2014-04-17 01:22 - 2014-04-17 00:40 - 00000000 ____D () C:\Qoobox
2014-04-17 01:19 - 2014-04-17 00:39 - 00000000 ____D () C:\Windows\erdnt
2014-04-17 01:14 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-17 01:11 - 2014-04-14 10:51 - 00004178 _____ () C:\Windows\PFRO.log
2014-04-17 01:10 - 2009-07-14 04:34 - 85196800 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-04-17 01:10 - 2009-07-14 04:34 - 19660800 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-04-17 01:10 - 2009-07-14 04:34 - 00897024 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-04-17 01:10 - 2009-07-14 04:34 - 00098304 _____ () C:\Windows\system32\config\SAM.bak
2014-04-17 01:10 - 2009-07-14 04:34 - 00028672 _____ () C:\Windows\system32\config\SECURITY.bak
2014-04-17 01:09 - 2013-02-11 21:28 - 00000000 ____D () C:\Users\Sofo\AppData\Roaming\SoftGrid Client
2014-04-17 00:36 - 2013-02-15 00:50 - 00000000 ____D () C:\Users\Sofo\AppData\Roaming\Audacity
2014-04-17 00:21 - 2013-02-11 19:48 - 00000000 ____D () C:\Users\Sofo\Desktop\Programme
2014-04-17 00:20 - 2014-04-17 00:20 - 05194807 ____R (Swearware) C:\Users\Sofo\Desktop\ComboFix.exe
2014-04-16 19:33 - 2013-02-13 16:16 - 00000000 ____D () C:\Users\Sofo\AppData\Roaming\FileZilla
2014-04-16 18:24 - 2014-04-16 18:20 - 00000000 ____D () C:\Program Files (x86)\Combined Community Codec Pack
2014-04-16 18:21 - 2014-04-16 18:21 - 00000000 ____D () C:\Users\Sofo\AppData\Roaming\kSub
2014-04-16 18:21 - 2014-04-16 18:21 - 00000000 ____D () C:\Program Files (x86)\kSub
2014-04-16 18:19 - 2014-04-16 18:19 - 10189352 _____ (CCCP Project ) C:\Users\Sofo\Downloads\Combined-Community-Codec-Pack-2014-03-09.exe
2014-04-16 18:16 - 2014-04-16 18:16 - 00651052 _____ (Dako-kun ) C:\Users\Sofo\Downloads\kSub_Win32_Installer_2.4.1.0.exe
2014-04-16 16:22 - 2014-04-16 16:20 - 00039755 _____ () C:\Users\Sofo\Desktop\Addition.txt
2014-04-16 16:15 - 2014-04-16 16:14 - 02158080 _____ (Farbar) C:\Users\Sofo\Desktop\FRST64.exe
2014-04-16 00:31 - 2013-02-11 19:15 - 00000000 ____D () C:\Studium
2014-04-15 15:56 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-14 11:00 - 2013-11-25 00:05 - 00000048 _____ () C:\Users\Public\Desktop\StudNET Homepage.url
2014-04-14 11:00 - 2013-03-15 13:25 - 00684916 _____ () C:\Windows\unins000.exe
2014-04-14 11:00 - 2013-03-15 13:25 - 00339767 _____ () C:\Windows\unins000.dat
2014-04-14 10:51 - 2014-04-14 10:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-14 02:43 - 2014-02-18 21:11 - 00309248 ____H () C:\Users\Sofo\Desktop\~WRL0051.tmp
2014-04-13 20:33 - 2013-05-10 19:05 - 00000000 ____D () C:\Windows\Minidump
2014-04-13 20:33 - 2013-02-10 21:18 - 00000000 ___RD () C:\Users\Sofo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-13 20:29 - 2013-02-10 21:17 - 00000000 ____D () C:\Users\Sofo
2014-04-13 17:39 - 2014-02-18 21:11 - 00293376 ____H () C:\Users\Sofo\Desktop\~WRL0050.tmp
2014-04-09 23:49 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-09 18:01 - 2011-04-24 01:02 - 00700110 _____ () C:\Windows\system32\perfh007.dat
2014-04-09 18:01 - 2011-04-24 01:02 - 00149960 _____ () C:\Windows\system32\perfc007.dat
2014-04-09 18:01 - 2009-07-14 07:13 - 01622124 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-08 20:24 - 2014-04-08 20:24 - 00993712 _____ () C:\Users\Sofo\Downloads\setup (2).exe
2014-04-08 15:18 - 2013-02-10 21:19 - 00157760 _____ () C:\Users\Sofo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-07 21:48 - 2013-02-11 19:15 - 00000000 ____D () C:\Sub
2014-04-07 21:40 - 2014-04-07 21:40 - 00000826 _____ () C:\Users\Sofo\Documents\qc_ons.xml
2014-04-06 02:41 - 2013-11-28 00:15 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-04-06 02:39 - 2011-04-24 12:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-06 02:00 - 2014-02-18 21:11 - 00284160 ____H () C:\Users\Sofo\Desktop\~WRL0049.tmp
2014-04-05 04:24 - 2014-02-18 21:11 - 00284160 ____H () C:\Users\Sofo\Desktop\~WRL0048.tmp
2014-04-04 02:26 - 2014-02-18 21:11 - 00274944 ____H () C:\Users\Sofo\Desktop\~WRL0047.tmp
2014-04-03 13:13 - 2014-04-03 13:13 - 02444288 _____ () C:\Users\Sofo\Downloads\982013041P1T001.XLS
2014-04-02 18:04 - 2013-02-14 13:57 - 00000000 ____D () C:\Users\Sofo\AppData\Local\Last.fm
2014-04-01 21:28 - 2013-02-12 00:35 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-04-01 21:27 - 2014-04-01 21:27 - 04968079 _____ (Tim Kosse) C:\Users\Sofo\Downloads\FileZilla_3.8.0_win32-setup.exe
2014-04-01 20:48 - 2014-04-01 20:45 - 00000000 ____D () C:\Users\Sofo\.android
2014-04-01 20:47 - 2014-04-01 20:47 - 00000000 ____D () C:\Users\Sofo\workspace
2014-04-01 20:21 - 2013-11-20 12:33 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-04-01 20:20 - 2014-04-01 20:20 - 10468704 _____ (BlueStack Systems Inc.) C:\Users\Sofo\Downloads\BlueStacks-SplitInstaller_native.exe
2014-04-01 00:06 - 2013-12-18 21:06 - 00000138 _____ () C:\Users\Sofo\AppData\Roaming\WB.CFG
2014-03-31 03:39 - 2013-05-27 16:56 - 00000000 ____D () C:\Users\Uni\AppData\Roaming\SoftGrid Client
2014-03-31 02:17 - 2013-05-21 20:50 - 00157760 _____ () C:\Users\Uni\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-30 23:25 - 2014-02-18 21:11 - 00261120 ____H () C:\Users\Sofo\Desktop\~WRL1429.tmp
2014-03-30 16:40 - 2014-03-30 16:40 - 00897024 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-03-30 16:40 - 2014-03-30 16:40 - 00098304 _____ () C:\Windows\system32\config\SAM.iobit
2014-03-30 16:40 - 2014-03-30 16:40 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-03-30 16:40 - 2014-03-30 16:39 - 84795392 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-03-30 14:54 - 2013-02-11 12:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-30 02:02 - 2013-02-10 20:04 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-30 02:02 - 2013-02-10 20:04 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-29 14:00 - 2014-03-29 14:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-19 13:51 - 2014-03-19 13:51 - 00016155 _____ () C:\Users\Sofo\Downloads\Gruppenübersicht GYM MS.xlsx
2014-03-19 12:58 - 2013-02-11 19:15 - 00000000 ____D () C:\Users\Sofo\Desktop\Spiele

Some content of TEMP:
====================
C:\Users\Sofo\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-16 19:50

==================== End Of Log ============================
--- --- ---

--- --- ---


Addition.txt (Wobei ich gerade irritiert bin, da beim Scan-Zeitpunkt der von gestern steht - aber ne andere Datei ist nicht da?):
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-04-2014 01
Ran by Sofo at 2014-04-16 16:20:45
Running from C:\Users\Sofo\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.5970 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Advanced SystemCare 6 (HKLM-x32\...\Advanced SystemCare 6_is1) (Version: 6.2 - IObit)
Aegisub 3.0.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.0.2 - Aegisub Team)
ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version:  - )
Alice Madness Returns (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
Amazon MP3-Downloader 1.0.18 (HKCU\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 9.23.0 - ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 8.3.2 - ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 3.12.0 - ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 3.4.1 - ashampoo GmbH & Co. KG)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.39 - Atheros Communications Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Audition Online (HKLM-x32\...\Audition Online1.2.6064) (Version: 1.2.6064 - Burda:ic)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2008 - Avast Software)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.18.921 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{87D0541E-7EB4-44AD-8A0D-D951152020C1}) (Version: 0.7.18.921 - BlueStack Systems, Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Chaos auf Deponia (HKLM-x32\...\Deponia 2) (Version: 1.0 - Daedalic Entertainment)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.2.0.11 - Swiss Academic Software)
congstar Internet-Manager (HKLM-x32\...\{27D28586-BEF1-4E06-8787-3B1FC3A41489}) (Version: 1.0.0.3 - ZTE CORPORATION)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{72DB27D3-FE05-4227-AF5A-11CD101ECF09}) (Version: 15.1.0.588 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.1.588 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.0 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.1.0.588 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (Version: 15.1.588 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1508_36229 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.1.2414 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.0.6904 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.0.6904 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4020 - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 8.0.4020 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2731.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.2731.02 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.3503 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.3503 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4013 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.1.4013 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Strokes - Die Sünden der Väter (HKLM-x32\...\Dark Strokes - Die Sünden der Väter) (Version:  - )
Deponia (HKLM-x32\...\Deponia) (Version: 1.1.5 - Daedalic Entertainment)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.50.56 - Electronic Arts)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Druckerdeinstallation für EPSON XP-205 207 Series (HKLM\...\EPSON XP-205 207 Series) (Version:  - SEIKO EPSON Corporation)
Edna Bricht Aus - Sammler Edition (HKLM-x32\...\EdnaSE) (Version: 1.2 - Daedalic Entertainment)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.0 - )
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Goodbye Deponia (HKLM-x32\...\Deponia 3) (Version: 1.0 - Daedalic Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Harveys neue Augen Special Edition (HKLM-x32\...\Harveys neue Augen Special Edition) (Version: 1.3 - Daedalic Entertainment)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.27.01 - Hyperionics Technology LLC)
ICQ 8.0 (build 5996, für aktuellen Benutzer) (HKCU\...\ICQ) (Version: 8.0.5996.0 - Mail.Ru)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2353 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{C7B40C35-85AE-4303-9EEA-1A1EA779664D}) (Version: 1.0.2.0518 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{794E5C90-96E5-4413-B3F5-C803205AE30C}) (Version: 14.0.3000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{25680C01-6753-4FE9-A891-7857F26457C1}) (Version: 2.1.35.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle)
Java(TM) 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle)
Java(TM) 7 Update 2 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417002FF}) (Version: 7.0.20 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
kikin plugin 2.10 (HKLM-x32\...\{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}) (Version: 2.10 - kikin)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Last.fm Scrobbler 2.1.33 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.3 - Wistron Corp.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Media converter (HKLM-x32\...\{729E16B3-1B80-4F3F-8D19-342A89631E0A}_is1) (Version:  - )
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2608 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2608 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MovieDownloader (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - 1clickmoviedownloader.com) <==== ATTENTION
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
No23 Recorder (x32 Version: 2.1.0.3 - No23) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Pošta Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6.1 - Project64)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 3.7 - Razer USA Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6334 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version:  - Atari)
SaveSense (HKCU\...\SaveSense) (Version:  - ) <==== ATTENTION
SaveSense (remove only) (HKLM-x32\...\SaveSense) (Version: 5.3.0.6 - SaveSense) <==== ATTENTION
SecureW2 EAP Suite 1.1.3 for Windows (HKLM-x32\...\SecureW2 EAP Suite) (Version:  - )
Semagic (remove only) (HKLM-x32\...\Semagic) (Version:  - )
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
StudNET Login Client (HKLM-x32\...\{A30EE8A6-6B9F-4973-B5ED-2A60B40576E4}_is1) (Version: 4.1 - Dossin-Brade GbR Leipzig)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.12.0 - Synaptics Incorporated)
TuxGuitar (HKLM-x32\...\{03534DA5-2F88-4B8E-A978-849B979E1B8F}) (Version: 1.2 - Herac)
UltraStar Deluxe (HKLM-x32\...\UltraStar Deluxe) (Version: 1.1 - USDX Team)
Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer.medionlap.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1) (Version: 0.9.511 - Deutsche Post AG)
Versandhelfer (x32 Version: 0.9.511 - Deutsche Post AG) Hidden
Violin Newbie 2011 Version 3.1 (HKLM-x32\...\{B29E9BAD-AE37-488F-AB89-064EE3CFB72A}_is1) (Version: 3.1 - Simon Rettenbacher)
VR-pulse Installer (HKLM\...\{E3725525-DE3E-48C1-9B81-D5FF1BFA23BC}) (Version: 1.4.0 - American Megatrends Inc.)
watchmi (HKLM-x32\...\{AA4D1C5E-116A-4FF4-AA91-28F526868203}) (Version: 2.5.0 - Axel Springer Digital TV Guide GmbH)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
X10 Hardware(TM) (HKLM-x32\...\X10Hardware) (Version:  - )

==================== Restore Points  =========================

12-03-2014 13:14:49 Windows Update
09-04-2014 15:00:19 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {3F5D9511-A7E3-4EB0-93B0-9F9EFE547514} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-27] (AVAST Software)
Task: {4548D5C2-EBFD-48C2-A100-8D65B15C9890} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [2013-06-05] ()
Task: {6387A3C6-25CE-46DA-801D-5ABE983F4727} - System32\Tasks\SaveSense => C:\Users\Sofo\AppData\Roaming\SaveSense\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {67CAA8E0-DC13-4C92-A4D8-1D6B7112134D} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2013-11-27] (SaveSense) <==== ATTENTION
Task: {840D8940-1B59-4C69-B481-9FC33240E4C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-10] (Google Inc.)
Task: {B6CEBE3E-E163-4148-97C5-0C7AAEE47556} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-10] (Google Inc.)
Task: {C8C02EA0-0B84-4244-A998-32E88015681C} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe [2013-04-08] (IObit)
Task: {ED279018-F564-450B-8B86-0847C12E1C4F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {FA926933-0C6F-478B-9FDB-58330A683798} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2013-11-27] (SaveSense) <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SaveSense.job => C:\Users\Sofo\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2011-02-05 00:42 - 2011-02-05 00:42 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-04-27 13:32 - 2010-12-14 11:39 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2010-12-06 13:52 - 2010-12-06 13:52 - 00062464 _____ () C:\Program Files (x86)\watchmi\TvdService.exe
2013-02-10 21:09 - 2013-02-10 21:09 - 00061952 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Remote\2.5.0.5__f722db7bec59a14b\Tvd.Remote.dll
2013-02-10 21:09 - 2013-02-10 21:09 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\FingerPrint\1.0.0.0__a62e68e935d72fa6\FingerPrint.dll
2013-02-10 21:09 - 2013-02-10 21:09 - 00078848 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Reporting\2.5.0.5__f722db7bec59a14b\Tvd.Reporting.dll
2013-02-10 21:09 - 2013-02-10 21:09 - 00148480 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Aprico\2.5.0.5__f722db7bec59a14b\Tvd.Aprico.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-11-13 22:53 - 2012-08-01 15:44 - 00139024 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\GBV3ContextMenu.dll
2013-03-06 13:58 - 2013-01-15 18:59 - 00161088 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCExtMenu_64.dll
2011-04-24 13:35 - 2011-04-04 19:18 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-02-05 00:42 - 2011-02-05 00:42 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2013-05-22 20:50 - 2013-05-22 20:50 - 00400704 _____ () C:\Users\Sofo\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2013-05-17 12:08 - 2011-11-07 10:52 - 00220944 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\dbus-daemon.exe
2013-05-17 12:08 - 2011-11-07 10:52 - 00036624 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\db_daemon.exe
2013-03-06 13:58 - 2013-01-15 18:47 - 00517440 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\sqlite3.dll
2014-04-16 15:14 - 2014-04-16 11:45 - 02213376 _____ () C:\Program Files\AVAST Software\Avast\defs\14041600\algo.dll
2013-03-06 13:58 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madExcept_.bpl
2013-03-06 13:58 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madBasic_.bpl
2013-03-06 13:58 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madDisAsm_.bpl
2013-03-06 13:58 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\webres.dll
2010-03-23 13:26 - 2010-03-23 13:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Sofo\AppData\Roaming\Dropbox\bin\libcef.dll
2013-11-27 01:14 - 2013-11-27 01:15 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-12 23:50 - 2014-02-12 23:50 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll
2011-04-24 12:58 - 2010-11-06 08:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-05-17 12:08 - 2011-05-06 05:03 - 00594944 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\dbus-1.dll
2013-05-17 12:08 - 2011-11-07 10:39 - 00099328 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\itapi.dll
2013-05-17 12:08 - 2011-11-07 10:38 - 00027136 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\log.dll
2013-05-17 12:08 - 2010-10-14 11:37 - 00971776 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\libxml2.dll
2013-05-17 12:09 - 2010-10-14 11:37 - 00080688 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\zlib1.dll
2013-05-17 12:08 - 2011-11-07 10:38 - 00055296 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\coder.dll
2013-05-17 12:08 - 2011-11-07 10:39 - 00043008 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\audio.dll
2013-05-17 12:08 - 2011-11-07 10:38 - 00035840 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\libConfig.dll
2013-05-17 12:08 - 2011-11-07 10:43 - 00020992 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\libctlsvr.dll
2013-05-17 12:08 - 2007-09-09 17:07 - 00151552 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\libexpat.dll
2013-05-17 12:09 - 2011-05-06 05:02 - 00341504 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\sqlite3.dll
2014-04-10 16:13 - 2014-04-02 03:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
2014-03-28 11:35 - 2014-03-28 11:35 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-04-10 16:13 - 2014-04-02 03:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
2014-04-10 16:13 - 2014-04-02 03:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll
2014-04-10 16:13 - 2014-04-02 03:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll
2014-04-10 16:13 - 2014-04-02 03:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
2014-04-10 16:13 - 2014-04-02 03:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
2014-04-10 16:13 - 2014-04-02 03:58 - 13691720 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll
2013-02-12 19:14 - 1999-08-13 07:00 - 00180224 _____ () C:\Program Files (x86)\Paint Shop Pro 6\JCMYK.dll
2013-02-12 19:14 - 1999-08-13 07:00 - 01703936 _____ () C:\Program Files (x86)\Paint Shop Pro 6\jff.dll
2013-02-12 19:14 - 1999-08-13 07:00 - 00332800 _____ () C:\Program Files (x86)\Paint Shop Pro 6\Fpxlib.dll
2013-02-12 19:14 - 1999-08-13 07:00 - 00122880 _____ () C:\Program Files (x86)\Paint Shop Pro 6\JPEGLib.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Dolby Home Theater v4 => "c:\program files (x86)\dolby home theater v4\pcee4.exe" -autostart
MSCONFIG\startupreg: icq => C:\Users\Sofo\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: msnmsgr => "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background

==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/16/2014 03:08:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2014 03:03:31 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/16/2014 03:03:31 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/16/2014 03:03:31 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0


System errors:
=============
Error: (04/16/2014 03:11:06 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update Service (gupdate)" wurde nicht richtig gestartet.

Error: (04/16/2014 03:06:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "watchmi service" wurde nicht richtig gestartet.

Error: (04/16/2014 03:06:25 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (04/15/2014 03:58:05 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (04/15/2014 03:58:05 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Multimediaklassenplaner" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (04/15/2014 03:58:05 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Computerbrowser" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (04/15/2014 03:56:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/15/2014 03:56:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/15/2014 03:56:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Designs" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/15/2014 03:56:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Shellhardwareerkennung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (04/16/2014 03:08:23 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2014 03:03:31 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path43900

Error: (04/16/2014 03:03:31 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path25900

Error: (04/16/2014 03:03:31 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path17900

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path43900

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path25900

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path17900

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path43900

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path25900

Error: (04/16/2014 03:03:13 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path17900


==================== Memory info =========================== 

Percentage of memory in use: 78%
Total physical RAM: 4003.01 MB
Available physical RAM: 875.63 MB
Total Pagefile: 8004.2 MB
Available Pagefile: 3752.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:657.54 GB) (Free:404.25 GB) NTFS
Drive d: (Recover) (Fixed) (Total:37.99 GB) (Free:0.05 GB) NTFS
Drive g: () (Removable) (Total:3.71 GB) (Free:3.58 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=101 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=658 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Alt 17.04.2014, 13:30   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare) - Standard

Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
Task: {6387A3C6-25CE-46DA-801D-5ABE983F4727} - System32\Tasks\SaveSense => C:\Users\Sofo\AppData\Roaming\SaveSense\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {67CAA8E0-DC13-4C92-A4D8-1D6B7112134D} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2013-11-27] (SaveSense) <==== ATTENTION
Task: {FA926933-0C6F-478B-9FDB-58330A683798} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2013-11-27] (SaveSense) <==== ATTENTION
Task: C:\Windows\Tasks\SaveSense.job => C:\Users\Sofo\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
C:\Users\Sofo\AppData\Roaming\SaveSense
C:\Program Files (x86)\SaveSenseLive
C:\Program Files (x86)\SaveSenseLive

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 17.04.2014, 14:05   #13
PahaKeiju
 
Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare) - Standard

Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)


Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-04-2014
Ran by Sofo at 2014-04-17 15:05:33 Run:1
Running from C:\Users\Sofo\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
Task: {6387A3C6-25CE-46DA-801D-5ABE983F4727} - System32\Tasks\SaveSense => C:\Users\Sofo\AppData\Roaming\SaveSense\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {67CAA8E0-DC13-4C92-A4D8-1D6B7112134D} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2013-11-27] (SaveSense) <==== ATTENTION
Task: {FA926933-0C6F-478B-9FDB-58330A683798} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2013-11-27] (SaveSense) <==== ATTENTION
Task: C:\Windows\Tasks\SaveSense.job => C:\Users\Sofo\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
C:\Users\Sofo\AppData\Roaming\SaveSense
C:\Program Files (x86)\SaveSenseLive
C:\Program Files (x86)\SaveSenseLive
         
*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
Firefox DefaultSearchEngine deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6387A3C6-25CE-46DA-801D-5ABE983F4727} => Key deleted successfully.
C:\Windows\System32\Tasks\SaveSense not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SaveSense => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67CAA8E0-DC13-4C92-A4D8-1D6B7112134D} => Key deleted successfully.
C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SaveSenseLiveUpdateTaskMachineUA => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA926933-0C6F-478B-9FDB-58330A683798} => Key deleted successfully.
C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SaveSenseLiveUpdateTaskMachineCore => Key deleted successfully.
C:\Windows\Tasks\SaveSense.job not found.
C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job not found.
"C:\Users\Sofo\AppData\Roaming\SaveSense" => File/Directory not found.
"C:\Program Files (x86)\SaveSenseLive" => File/Directory not found.
"C:\Program Files (x86)\SaveSenseLive" => File/Directory not found.

==== End of Fixlog ====

Alt 17.04.2014, 14:31   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare) - Standard

Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)


Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 17.04.2014, 14:49   #15
PahaKeiju
 
Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare) - Standard

Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-04-2014
Ran by Sofo (administrator) on ERNST on 17-04-2014 15:35:31
Running from C:\Users\Sofo\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\watchmi\TvdService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(X10) C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Seiko Epson Corporation) C:\Windows\system32\EscSvc64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
() C:\Users\Sofo\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dropbox, Inc.) C:\Users\Sofo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
(Dossin-Brade GbR) C:\Windows\SysWOW64\studnet\studnet.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ZTE) C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\MCSERVER.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\dbus-daemon.exe
() C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\db_daemon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() Q:\140066.deu\Office14\WINWORDC.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
() Q:\140066.deu\Office14\OffSpon.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2294568 2010-09-03] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-02-05] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10361616 2011-02-11] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-05-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2207848 2011-05-12] (Realtek Semiconductor)
HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [207400 2010-12-16] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2009-12-12] (Wistron Corp.)
HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [436264 2010-06-21] (Wistron Corp.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [606024 2013-09-19] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-27] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-858175047-2941235212-2736993675-1000\...\Run: [Advanced SystemCare 6] => C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [491840 2013-04-18] (IObit)
HKU\S-1-5-21-858175047-2941235212-2736993675-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Sofo\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-858175047-2941235212-2736993675-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
Startup: C:\Users\Sofo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sofo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{86DD59FC-FF24-4A07-9C3E-C46AC9E7255C}: [NameServer]139.18.25.3,139.18.1.2

FireFox:
========
FF ProfilePath: C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @IObit.com/np_Asc_Plugin - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll (IObit)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Sofo\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Flash Video Downloader - Full HD Download - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\artur.dubovoy@gmail.com [2014-03-11]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\ascsurfingprotection@iobit.com [2013-05-04]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\ich@maltegoetz.de [2013-12-19]
FF Extension: EPUBReader - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2013-12-25]
FF Extension: Copy to Semagic - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\copytosemagic@semagic.sourceforge.net.xpi [2013-10-08]
FF Extension: Tumblr Savior - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\jid1-W5guVoyeUR0uBg@jetpack.xpi [2014-01-19]
FF Extension: BetterPrivacy - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2013-12-24]
FF Extension: Greasemonkey - C:\Users\Sofo\AppData\Roaming\Mozilla\Firefox\Profiles\tlnv25tz.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-01-19]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-02-10]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon [2013-05-17]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-01-10]

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://www.google.com/ig/redirectdomain?brand=MDNC&bmod=MDNC"
CHR DefaultSearchKeyword: twitter.com
CHR DefaultSearchProvider: Twitter
CHR DefaultSearchURL: hxxp://twitter.com/search?q={searchTerms}
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Sofo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2013-05-04]
CHR Extension: (DVDVideoSoft) - C:\Users\Sofo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-11-15]
CHR Extension: (Google Wallet) - C:\Users\Sofo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-12]
CHR Extension: (Citavi Picker) - C:\Users\Sofo\AppData\Local\Google\Chrome\User Data\Default\Extensions\piehhloihgjjiomhieeddiidpekaajio [2014-01-10]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-11-15]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx [2013-03-06]
CHR HKLM-x32\...\Chrome\Extension: [piehhloihgjjiomhieeddiidpekaajio] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Chrome\ChromePicker.crx [2014-01-10]

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-27] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-09-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-09-19] (BlueStack Systems, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-02-05] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-12-14] ()
R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [62464 2010-12-06] ()
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2009-10-23] (Wistron Corp.)
R2 x10nets; C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe [20480 2009-11-07] (X10)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-11-27] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-11-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-11-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-27] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-11-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-27] ()
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-09-19] (BlueStack Systems)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 HSPADataCardusbmdm; C:\Windows\System32\DRIVERS\HSPADataCardusbmdm.sys [122752 2011-08-19] (HSPADataCard Incorporated)
S3 HSPADataCardusbnmea; C:\Windows\System32\DRIVERS\HSPADataCardusbnmea.sys [122752 2011-08-19] (HSPADataCard Incorporated)
S3 HSPADataCardusbser; C:\Windows\System32\DRIVERS\HSPADataCardusbser.sys [122752 2011-08-19] (HSPADataCard Incorporated)
S3 mod7764; C:\Windows\System32\DRIVERS\mod77-64.sys [1077416 2010-09-16] (DiBcom SA)
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-08-01] (OpenLibSys.org)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [15896 2009-05-13] (X10 Wireless Technology, Inc.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [32792 2009-05-13] (X10 Wireless Technology, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 X6va008; \??\C:\Users\Sofo\AppData\Local\Temp\008E123.tmp [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-17 15:05 - 2014-04-17 15:05 - 00000000 ____D () C:\Users\Sofo\Desktop\FRST-OlderVersion
2014-04-17 14:02 - 2014-04-17 14:02 - 00002309 _____ () C:\Users\Sofo\Desktop\JRT.txt
2014-04-17 13:44 - 2014-04-17 13:44 - 00000000 ____D () C:\Windows\ERUNT
2014-04-17 13:35 - 2014-04-17 13:39 - 00000000 ____D () C:\AdwCleaner
2014-04-17 13:33 - 2014-04-17 13:34 - 01016261 _____ (Thisisu) C:\Users\Sofo\Desktop\JRT.exe
2014-04-17 13:33 - 2014-04-17 13:33 - 01426178 _____ () C:\Users\Sofo\Desktop\adwcleaner.exe
2014-04-17 13:32 - 2014-04-17 13:34 - 00000000 ____D () C:\User Data
2014-04-17 13:28 - 2014-04-17 13:28 - 00000000 ____D () C:\tlnv25tz.default
2014-04-17 01:22 - 2014-04-17 01:22 - 00042395 _____ () C:\ComboFix.txt
2014-04-17 00:46 - 2014-04-17 01:22 - 00000000 ____D () C:\ComboFix
2014-04-17 00:46 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-17 00:46 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-17 00:46 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-17 00:46 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-17 00:46 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-17 00:46 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-17 00:46 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-17 00:46 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-17 00:40 - 2014-04-17 01:22 - 00000000 ____D () C:\Qoobox
2014-04-17 00:39 - 2014-04-17 01:19 - 00000000 ____D () C:\Windows\erdnt
2014-04-17 00:20 - 2014-04-17 00:20 - 05194807 ____R (Swearware) C:\Users\Sofo\Desktop\ComboFix.exe
2014-04-16 18:21 - 2014-04-16 18:21 - 00000000 ____D () C:\Users\Sofo\AppData\Roaming\kSub
2014-04-16 18:21 - 2014-04-16 18:21 - 00000000 ____D () C:\Program Files (x86)\kSub
2014-04-16 18:20 - 2014-04-16 18:24 - 00000000 ____D () C:\Program Files (x86)\Combined Community Codec Pack
2014-04-16 18:19 - 2014-04-16 18:19 - 10189352 _____ (CCCP Project ) C:\Users\Sofo\Downloads\Combined-Community-Codec-Pack-2014-03-09.exe
2014-04-16 18:16 - 2014-04-16 18:16 - 00651052 _____ (Dako-kun ) C:\Users\Sofo\Downloads\kSub_Win32_Installer_2.4.1.0.exe
2014-04-16 16:20 - 2014-04-16 16:22 - 00039755 _____ () C:\Users\Sofo\Desktop\Addition.txt
2014-04-16 16:16 - 2014-04-17 15:36 - 00023153 _____ () C:\Users\Sofo\Desktop\FRST.txt
2014-04-16 16:16 - 2014-04-17 15:35 - 00000000 ____D () C:\FRST
2014-04-16 16:14 - 2014-04-17 15:05 - 02158592 _____ (Farbar) C:\Users\Sofo\Desktop\FRST64.exe
2014-04-14 11:00 - 2014-04-17 01:24 - 00000944 _____ () C:\Users\Public\Desktop\StudNET Login Client.lnk
2014-04-14 10:51 - 2014-04-17 14:08 - 00000560 _____ () C:\Windows\setupact.log
2014-04-14 10:51 - 2014-04-17 01:11 - 00004178 _____ () C:\Windows\PFRO.log
2014-04-14 10:51 - 2014-04-14 10:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-09 17:03 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 17:03 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 17:03 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 17:03 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 17:03 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 17:03 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 17:03 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 17:03 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 17:03 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 17:03 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 17:03 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 17:01 - 2014-03-08 06:54 - 17848832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 17:01 - 2014-03-08 06:06 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 17:01 - 2014-03-08 05:49 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 17:01 - 2014-03-08 05:41 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 17:01 - 2014-03-08 05:40 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 17:01 - 2014-03-08 05:39 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 17:01 - 2014-03-08 05:38 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-09 17:01 - 2014-03-08 05:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 17:01 - 2014-03-08 05:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-09 17:01 - 2014-03-08 05:34 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 17:01 - 2014-03-08 05:33 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 17:01 - 2014-03-08 05:32 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 17:01 - 2014-03-08 05:32 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 17:01 - 2014-03-08 05:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-09 17:01 - 2014-03-08 05:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 17:01 - 2014-03-08 05:24 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-09 17:01 - 2014-03-08 01:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-09 17:01 - 2014-03-08 01:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-09 17:01 - 2014-03-08 01:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-09 17:01 - 2014-03-08 01:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 17:01 - 2014-03-08 01:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-09 17:01 - 2014-03-08 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-09 17:01 - 2014-03-08 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-09 17:01 - 2014-03-08 00:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-09 17:01 - 2014-03-08 00:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-09 17:01 - 2014-03-08 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-09 17:01 - 2014-03-08 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-09 17:01 - 2014-03-08 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-09 17:01 - 2014-03-08 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-09 17:01 - 2014-03-08 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-09 17:01 - 2014-03-08 00:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-09 17:01 - 2014-03-08 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-08 20:24 - 2014-04-08 20:24 - 00993712 _____ () C:\Users\Sofo\Downloads\setup (2).exe
2014-04-07 21:40 - 2014-04-07 21:40 - 00000826 _____ () C:\Users\Sofo\Documents\qc_ons.xml
2014-04-03 13:13 - 2014-04-03 13:13 - 02444288 _____ () C:\Users\Sofo\Downloads\982013041P1T001.XLS
2014-04-01 21:27 - 2014-04-01 21:27 - 04968079 _____ (Tim Kosse) C:\Users\Sofo\Downloads\FileZilla_3.8.0_win32-setup.exe
2014-04-01 20:47 - 2014-04-01 20:47 - 00000000 ____D () C:\Users\Sofo\workspace
2014-04-01 20:45 - 2014-04-01 20:48 - 00000000 ____D () C:\Users\Sofo\.android
2014-04-01 20:20 - 2014-04-01 20:20 - 10468704 _____ (BlueStack Systems Inc.) C:\Users\Sofo\Downloads\BlueStacks-SplitInstaller_native.exe
2014-03-30 16:40 - 2014-03-30 16:40 - 00897024 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-03-30 16:40 - 2014-03-30 16:40 - 00098304 _____ () C:\Windows\system32\config\SAM.iobit
2014-03-30 16:40 - 2014-03-30 16:40 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-03-30 16:39 - 2014-03-30 16:40 - 84795392 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-03-29 14:00 - 2014-03-29 14:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-19 13:51 - 2014-03-19 13:51 - 00016155 _____ () C:\Users\Sofo\Downloads\Gruppenübersicht GYM MS.xlsx

==================== One Month Modified Files and Folders =======

2014-04-17 15:36 - 2014-04-16 16:16 - 00023153 _____ () C:\Users\Sofo\Desktop\FRST.txt
2014-04-17 15:35 - 2014-04-16 16:16 - 00000000 ____D () C:\FRST
2014-04-17 15:25 - 2013-04-03 13:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-17 15:16 - 2013-02-11 18:59 - 00000000 ____D () C:\Users\Sofo\AppData\Roaming\Skype
2014-04-17 15:07 - 2013-02-10 20:04 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-17 15:05 - 2014-04-17 15:05 - 00000000 ____D () C:\Users\Sofo\Desktop\FRST-OlderVersion
2014-04-17 15:05 - 2014-04-16 16:14 - 02158592 _____ (Farbar) C:\Users\Sofo\Desktop\FRST64.exe
2014-04-17 15:02 - 2013-02-10 20:01 - 01843823 _____ () C:\Windows\WindowsUpdate.log
2014-04-17 14:17 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-17 14:17 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-17 14:11 - 2013-02-11 19:29 - 00000000 ___RD () C:\Users\Sofo\Dropbox
2014-04-17 14:11 - 2013-02-11 19:28 - 00000000 ____D () C:\Users\Sofo\AppData\Roaming\Dropbox
2014-04-17 14:10 - 2013-02-10 23:55 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-17 14:09 - 2013-07-19 19:49 - 00048342 _____ () C:\autoupdate.log
2014-04-17 14:09 - 2013-02-10 20:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-17 14:08 - 2014-04-14 10:51 - 00000560 _____ () C:\Windows\setupact.log
2014-04-17 14:08 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-17 14:02 - 2014-04-17 14:02 - 00002309 _____ () C:\Users\Sofo\Desktop\JRT.txt
2014-04-17 13:44 - 2014-04-17 13:44 - 00000000 ____D () C:\Windows\ERUNT
2014-04-17 13:39 - 2014-04-17 13:35 - 00000000 ____D () C:\AdwCleaner
2014-04-17 13:34 - 2014-04-17 13:33 - 01016261 _____ (Thisisu) C:\Users\Sofo\Desktop\JRT.exe
2014-04-17 13:34 - 2014-04-17 13:32 - 00000000 ____D () C:\User Data
2014-04-17 13:33 - 2014-04-17 13:33 - 01426178 _____ () C:\Users\Sofo\Desktop\adwcleaner.exe
2014-04-17 13:28 - 2014-04-17 13:28 - 00000000 ____D () C:\tlnv25tz.default
2014-04-17 01:24 - 2014-04-14 11:00 - 00000944 _____ () C:\Users\Public\Desktop\StudNET Login Client.lnk
2014-04-17 01:22 - 2014-04-17 01:22 - 00042395 _____ () C:\ComboFix.txt
2014-04-17 01:22 - 2014-04-17 00:46 - 00000000 ____D () C:\ComboFix
2014-04-17 01:22 - 2014-04-17 00:40 - 00000000 ____D () C:\Qoobox
2014-04-17 01:19 - 2014-04-17 00:39 - 00000000 ____D () C:\Windows\erdnt
2014-04-17 01:14 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-17 01:11 - 2014-04-14 10:51 - 00004178 _____ () C:\Windows\PFRO.log
2014-04-17 01:10 - 2009-07-14 04:34 - 85196800 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-04-17 01:10 - 2009-07-14 04:34 - 19660800 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-04-17 01:10 - 2009-07-14 04:34 - 00897024 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-04-17 01:10 - 2009-07-14 04:34 - 00098304 _____ () C:\Windows\system32\config\SAM.bak
2014-04-17 01:10 - 2009-07-14 04:34 - 00028672 _____ () C:\Windows\system32\config\SECURITY.bak
2014-04-17 01:09 - 2013-02-11 21:28 - 00000000 ____D () C:\Users\Sofo\AppData\Roaming\SoftGrid Client
2014-04-17 00:36 - 2013-02-15 00:50 - 00000000 ____D () C:\Users\Sofo\AppData\Roaming\Audacity
2014-04-17 00:21 - 2013-02-11 19:48 - 00000000 ____D () C:\Users\Sofo\Desktop\Programme
2014-04-17 00:20 - 2014-04-17 00:20 - 05194807 ____R (Swearware) C:\Users\Sofo\Desktop\ComboFix.exe
2014-04-16 19:33 - 2013-02-13 16:16 - 00000000 ____D () C:\Users\Sofo\AppData\Roaming\FileZilla
2014-04-16 18:24 - 2014-04-16 18:20 - 00000000 ____D () C:\Program Files (x86)\Combined Community Codec Pack
2014-04-16 18:21 - 2014-04-16 18:21 - 00000000 ____D () C:\Users\Sofo\AppData\Roaming\kSub
2014-04-16 18:21 - 2014-04-16 18:21 - 00000000 ____D () C:\Program Files (x86)\kSub
2014-04-16 18:19 - 2014-04-16 18:19 - 10189352 _____ (CCCP Project ) C:\Users\Sofo\Downloads\Combined-Community-Codec-Pack-2014-03-09.exe
2014-04-16 18:16 - 2014-04-16 18:16 - 00651052 _____ (Dako-kun ) C:\Users\Sofo\Downloads\kSub_Win32_Installer_2.4.1.0.exe
2014-04-16 16:22 - 2014-04-16 16:20 - 00039755 _____ () C:\Users\Sofo\Desktop\Addition.txt
2014-04-16 00:31 - 2013-02-11 19:15 - 00000000 ____D () C:\Studium
2014-04-15 15:56 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-14 11:00 - 2013-11-25 00:05 - 00000048 _____ () C:\Users\Public\Desktop\StudNET Homepage.url
2014-04-14 11:00 - 2013-03-15 13:25 - 00684916 _____ () C:\Windows\unins000.exe
2014-04-14 11:00 - 2013-03-15 13:25 - 00339767 _____ () C:\Windows\unins000.dat
2014-04-14 10:51 - 2014-04-14 10:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-14 02:43 - 2014-02-18 21:11 - 00309248 ____H () C:\Users\Sofo\Desktop\~WRL0051.tmp
2014-04-13 20:33 - 2013-05-10 19:05 - 00000000 ____D () C:\Windows\Minidump
2014-04-13 20:33 - 2013-02-10 21:18 - 00000000 ___RD () C:\Users\Sofo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-13 20:29 - 2013-02-10 21:17 - 00000000 ____D () C:\Users\Sofo
2014-04-13 17:39 - 2014-02-18 21:11 - 00293376 ____H () C:\Users\Sofo\Desktop\~WRL0050.tmp
2014-04-09 23:49 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-09 18:01 - 2011-04-24 01:02 - 00700110 _____ () C:\Windows\system32\perfh007.dat
2014-04-09 18:01 - 2011-04-24 01:02 - 00149960 _____ () C:\Windows\system32\perfc007.dat
2014-04-09 18:01 - 2009-07-14 07:13 - 01622124 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-08 20:24 - 2014-04-08 20:24 - 00993712 _____ () C:\Users\Sofo\Downloads\setup (2).exe
2014-04-08 15:18 - 2013-02-10 21:19 - 00157760 _____ () C:\Users\Sofo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-07 21:48 - 2013-02-11 19:15 - 00000000 ____D () C:\Sub
2014-04-07 21:40 - 2014-04-07 21:40 - 00000826 _____ () C:\Users\Sofo\Documents\qc_ons.xml
2014-04-06 02:41 - 2013-11-28 00:15 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-04-06 02:39 - 2011-04-24 12:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-06 02:00 - 2014-02-18 21:11 - 00284160 ____H () C:\Users\Sofo\Desktop\~WRL0049.tmp
2014-04-05 04:24 - 2014-02-18 21:11 - 00284160 ____H () C:\Users\Sofo\Desktop\~WRL0048.tmp
2014-04-04 02:26 - 2014-02-18 21:11 - 00274944 ____H () C:\Users\Sofo\Desktop\~WRL0047.tmp
2014-04-03 13:13 - 2014-04-03 13:13 - 02444288 _____ () C:\Users\Sofo\Downloads\982013041P1T001.XLS
2014-04-02 18:04 - 2013-02-14 13:57 - 00000000 ____D () C:\Users\Sofo\AppData\Local\Last.fm
2014-04-01 21:28 - 2013-02-12 00:35 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-04-01 21:27 - 2014-04-01 21:27 - 04968079 _____ (Tim Kosse) C:\Users\Sofo\Downloads\FileZilla_3.8.0_win32-setup.exe
2014-04-01 20:48 - 2014-04-01 20:45 - 00000000 ____D () C:\Users\Sofo\.android
2014-04-01 20:47 - 2014-04-01 20:47 - 00000000 ____D () C:\Users\Sofo\workspace
2014-04-01 20:21 - 2013-11-20 12:33 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-04-01 20:20 - 2014-04-01 20:20 - 10468704 _____ (BlueStack Systems Inc.) C:\Users\Sofo\Downloads\BlueStacks-SplitInstaller_native.exe
2014-04-01 00:06 - 2013-12-18 21:06 - 00000138 _____ () C:\Users\Sofo\AppData\Roaming\WB.CFG
2014-03-31 03:39 - 2013-05-27 16:56 - 00000000 ____D () C:\Users\Uni\AppData\Roaming\SoftGrid Client
2014-03-31 02:17 - 2013-05-21 20:50 - 00157760 _____ () C:\Users\Uni\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-30 23:25 - 2014-02-18 21:11 - 00261120 ____H () C:\Users\Sofo\Desktop\~WRL1429.tmp
2014-03-30 16:40 - 2014-03-30 16:40 - 00897024 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-03-30 16:40 - 2014-03-30 16:40 - 00098304 _____ () C:\Windows\system32\config\SAM.iobit
2014-03-30 16:40 - 2014-03-30 16:40 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-03-30 16:40 - 2014-03-30 16:39 - 84795392 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-03-30 14:54 - 2013-02-11 12:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-30 02:02 - 2013-02-10 20:04 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-30 02:02 - 2013-02-10 20:04 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-29 14:00 - 2014-03-29 14:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-19 13:51 - 2014-03-19 13:51 - 00016155 _____ () C:\Users\Sofo\Downloads\Gruppenübersicht GYM MS.xlsx
2014-03-19 12:58 - 2013-02-11 19:15 - 00000000 ____D () C:\Users\Sofo\Desktop\Spiele

Some content of TEMP:
====================
C:\Users\Sofo\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-16 19:50

==================== End Of Log ============================
--- --- ---


Und die Addition.txt:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2014
Ran by Sofo at 2014-04-17 15:37:32
Running from C:\Users\Sofo\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.5970 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Advanced SystemCare 6 (HKLM-x32\...\Advanced SystemCare 6_is1) (Version: 6.2 - IObit)
Aegisub 3.0.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.0.2 - Aegisub Team)
ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version:  - )
Alice Madness Returns (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
Amazon MP3-Downloader 1.0.18 (HKCU\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 9.23.0 - ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 8.3.2 - ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 3.12.0 - ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 3.4.1 - ashampoo GmbH & Co. KG)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.39 - Atheros Communications Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Audition Online (HKLM-x32\...\Audition Online1.2.6064) (Version: 1.2.6064 - Burda:ic)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2008 - Avast Software)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.18.921 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{87D0541E-7EB4-44AD-8A0D-D951152020C1}) (Version: 0.7.18.921 - BlueStack Systems, Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Chaos auf Deponia (HKLM-x32\...\Deponia 2) (Version: 1.0 - Daedalic Entertainment)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.2.0.11 - Swiss Academic Software)
Combined Community Codec Pack 2014-03-09 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.03.09.0 - CCCP Project)
congstar Internet-Manager (HKLM-x32\...\{27D28586-BEF1-4E06-8787-3B1FC3A41489}) (Version: 1.0.0.3 - ZTE CORPORATION)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{72DB27D3-FE05-4227-AF5A-11CD101ECF09}) (Version: 15.1.0.588 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.1.588 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.0 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.1.0.588 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (Version: 15.1.588 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1508_36229 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.1.2414 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.0.6904 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.0.6904 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4020 - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 8.0.4020 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2731.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.2731.02 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.3503 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.3503 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4013 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.1.4013 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Strokes - Die Sünden der Väter (HKLM-x32\...\Dark Strokes - Die Sünden der Väter) (Version:  - )
Deponia (HKLM-x32\...\Deponia) (Version: 1.1.5 - Daedalic Entertainment)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.50.56 - Electronic Arts)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Druckerdeinstallation für EPSON XP-205 207 Series (HKLM\...\EPSON XP-205 207 Series) (Version:  - SEIKO EPSON Corporation)
Edna Bricht Aus - Sammler Edition (HKLM-x32\...\EdnaSE) (Version: 1.2 - Daedalic Entertainment)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.0 - )
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Goodbye Deponia (HKLM-x32\...\Deponia 3) (Version: 1.0 - Daedalic Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Harveys neue Augen Special Edition (HKLM-x32\...\Harveys neue Augen Special Edition) (Version: 1.3 - Daedalic Entertainment)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.27.01 - Hyperionics Technology LLC)
ICQ 8.0 (build 5996, für aktuellen Benutzer) (HKCU\...\ICQ) (Version: 8.0.5996.0 - Mail.Ru)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2353 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{C7B40C35-85AE-4303-9EEA-1A1EA779664D}) (Version: 1.0.2.0518 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{794E5C90-96E5-4413-B3F5-C803205AE30C}) (Version: 14.0.3000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{25680C01-6753-4FE9-A891-7857F26457C1}) (Version: 2.1.35.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle)
Java(TM) 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle)
Java(TM) 7 Update 2 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417002FF}) (Version: 7.0.20 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
kSub (HKLM-x32\...\{258C48B4-73E7-4AF0-97CF-5CD57BE44E43}_is1) (Version: 2.4.1.0 - Dako-kun)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Last.fm Scrobbler 2.1.33 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.3 - Wistron Corp.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Media converter (HKLM-x32\...\{729E16B3-1B80-4F3F-8D19-342A89631E0A}_is1) (Version:  - )
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2608 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2608 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
No23 Recorder (x32 Version: 2.1.0.3 - No23) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Pošta Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6.1 - Project64)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 3.7 - Razer USA Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6334 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version:  - Atari)
SaveSense (remove only) (HKLM-x32\...\SaveSense) (Version: 5.3.0.6 - SaveSense) <==== ATTENTION
SecureW2 EAP Suite 1.1.3 for Windows (HKLM-x32\...\SecureW2 EAP Suite) (Version:  - )
Semagic (remove only) (HKLM-x32\...\Semagic) (Version:  - )
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
StudNET Login Client (HKLM-x32\...\{A30EE8A6-6B9F-4973-B5ED-2A60B40576E4}_is1) (Version: 4.1 - Dossin-Brade GbR Leipzig)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.12.0 - Synaptics Incorporated)
TuxGuitar (HKLM-x32\...\{03534DA5-2F88-4B8E-A978-849B979E1B8F}) (Version: 1.2 - Herac)
UltraStar Deluxe (HKLM-x32\...\UltraStar Deluxe) (Version: 1.1 - USDX Team)
Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer.medionlap.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1) (Version: 0.9.511 - Deutsche Post AG)
Versandhelfer (x32 Version: 0.9.511 - Deutsche Post AG) Hidden
Violin Newbie 2011 Version 3.1 (HKLM-x32\...\{B29E9BAD-AE37-488F-AB89-064EE3CFB72A}_is1) (Version: 3.1 - Simon Rettenbacher)
VR-pulse Installer (HKLM\...\{E3725525-DE3E-48C1-9B81-D5FF1BFA23BC}) (Version: 1.4.0 - American Megatrends Inc.)
watchmi (HKLM-x32\...\{AA4D1C5E-116A-4FF4-AA91-28F526868203}) (Version: 2.5.0 - Axel Springer Digital TV Guide GmbH)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
X10 Hardware(TM) (HKLM-x32\...\X10Hardware) (Version:  - )

==================== Restore Points  =========================

09-04-2014 15:00:19 Windows Update
16-04-2014 22:46:33 ComboFix created restore point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-04-17 01:13 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {3F5D9511-A7E3-4EB0-93B0-9F9EFE547514} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-27] (AVAST Software)
Task: {4548D5C2-EBFD-48C2-A100-8D65B15C9890} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [2013-06-05] ()
Task: {840D8940-1B59-4C69-B481-9FC33240E4C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-10] (Google Inc.)
Task: {B6CEBE3E-E163-4148-97C5-0C7AAEE47556} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-10] (Google Inc.)
Task: {C8C02EA0-0B84-4244-A998-32E88015681C} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe [2013-04-08] (IObit)
Task: {ED279018-F564-450B-8B86-0847C12E1C4F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-02-05 00:42 - 2011-02-05 00:42 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-04-27 13:32 - 2010-12-14 11:39 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2010-12-06 13:52 - 2010-12-06 13:52 - 00062464 _____ () C:\Program Files (x86)\watchmi\TvdService.exe
2013-02-10 21:09 - 2013-02-10 21:09 - 00061952 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Remote\2.5.0.5__f722db7bec59a14b\Tvd.Remote.dll
2013-02-10 21:09 - 2013-02-10 21:09 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\FingerPrint\1.0.0.0__a62e68e935d72fa6\FingerPrint.dll
2013-02-10 21:09 - 2013-02-10 21:09 - 00078848 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Reporting\2.5.0.5__f722db7bec59a14b\Tvd.Reporting.dll
2013-02-10 21:09 - 2013-02-10 21:09 - 00148480 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Aprico\2.5.0.5__f722db7bec59a14b\Tvd.Aprico.dll
2011-04-24 13:35 - 2011-04-04 19:18 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-02-05 00:42 - 2011-02-05 00:42 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2013-05-22 20:50 - 2013-05-22 20:50 - 00400704 _____ () C:\Users\Sofo\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2013-05-17 12:08 - 2011-11-07 10:52 - 00220944 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\dbus-daemon.exe
2013-05-17 12:08 - 2011-11-07 10:52 - 00036624 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\db_daemon.exe
2010-02-28 03:33 - 2010-02-28 03:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2013-03-06 13:58 - 2013-01-15 18:47 - 00517440 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\sqlite3.dll
2014-04-17 13:04 - 2014-04-17 09:06 - 02215424 _____ () C:\Program Files\AVAST Software\Avast\defs\14041700\algo.dll
2010-03-23 13:26 - 2010-03-23 13:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-03-06 13:58 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madExcept_.bpl
2013-03-06 13:58 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madBasic_.bpl
2013-03-06 13:58 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madDisAsm_.bpl
2013-03-06 13:58 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\webres.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Sofo\AppData\Roaming\Dropbox\bin\libcef.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2013-11-27 01:14 - 2013-11-27 01:15 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-10 16:13 - 2014-04-02 03:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
2014-03-28 11:35 - 2014-03-28 11:35 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-04-10 16:13 - 2014-04-02 03:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
2014-04-10 16:13 - 2014-04-02 03:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll
2014-04-10 16:13 - 2014-04-02 03:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll
2014-04-10 16:13 - 2014-04-02 03:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
2014-04-10 16:13 - 2014-04-02 03:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
2014-02-12 23:50 - 2014-02-12 23:50 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll
2011-04-24 12:58 - 2010-11-06 08:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-05-17 12:08 - 2011-05-06 05:03 - 00594944 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\dbus-1.dll
2013-05-17 12:08 - 2011-11-07 10:39 - 00099328 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\itapi.dll
2013-05-17 12:08 - 2011-11-07 10:38 - 00027136 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\log.dll
2013-05-17 12:08 - 2010-10-14 11:37 - 00971776 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\libxml2.dll
2013-05-17 12:09 - 2010-10-14 11:37 - 00080688 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\zlib1.dll
2013-05-17 12:08 - 2011-11-07 10:38 - 00055296 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\coder.dll
2013-05-17 12:08 - 2011-11-07 10:39 - 00043008 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\audio.dll
2013-05-17 12:08 - 2011-11-07 10:38 - 00035840 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\libConfig.dll
2013-05-17 12:08 - 2011-11-07 10:43 - 00020992 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\libctlsvr.dll
2013-05-17 12:08 - 2007-09-09 17:07 - 00151552 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\libexpat.dll
2013-05-17 12:09 - 2011-05-06 05:02 - 00341504 _____ () C:\PROGRAM FILES (X86)\CONGSTAR\INTERNET-MANAGER\BIN\sqlite3.dll
2014-03-29 14:00 - 2014-03-29 14:00 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-12 23:25 - 2014-03-12 23:25 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Dolby Home Theater v4 => "c:\program files (x86)\dolby home theater v4\pcee4.exe" -autostart
MSCONFIG\startupreg: icq => C:\Users\Sofo\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: msnmsgr => "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background

==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/17/2014 03:01:46 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/17/2014 03:01:46 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/17/2014 03:01:46 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/17/2014 03:01:46 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/17/2014 03:01:46 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/17/2014 03:01:46 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/17/2014 03:01:40 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/17/2014 03:01:40 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/17/2014 03:01:40 PM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (04/17/2014 02:09:30 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


System errors:
=============
Error: (04/17/2014 02:09:48 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (04/17/2014 02:09:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (04/17/2014 02:08:13 PM) (Source: Ntfs) (User: )
Description: Auf dem Volume "D:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.

Error: (04/17/2014 02:04:28 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (04/17/2014 03:01:46 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path43900

Error: (04/17/2014 03:01:46 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path25900

Error: (04/17/2014 03:01:46 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path17900

Error: (04/17/2014 03:01:46 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path43900

Error: (04/17/2014 03:01:46 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path25900

Error: (04/17/2014 03:01:46 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path17900

Error: (04/17/2014 03:01:40 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path43900

Error: (04/17/2014 03:01:40 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path25900

Error: (04/17/2014 03:01:40 PM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
Description: Eap method DLL path17900

Error: (04/17/2014 02:09:30 PM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


CodeIntegrity Errors:
===================================
  Date: 2014-04-17 01:07:06.685
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-17 01:07:06.513
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 67%
Total physical RAM: 4003.01 MB
Available physical RAM: 1315.92 MB
Total Pagefile: 8004.2 MB
Available Pagefile: 4981.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:657.54 GB) (Free:442.43 GB) NTFS
Drive d: (Recover) (Fixed) (Total:37.99 GB) (Free:0 GB) NTFS
Drive g: () (Removable) (Total:3.71 GB) (Free:3.57 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=101 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=658 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Antwort
Seite 1 von 2 1 2

Themen zu Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)
adware, ahnung, avast, benötigt, beste, besten, booten, datei, dateien, diverse, forum, heute, infizierte, interne, internet, laptop, logfile, löschen, probleme, sache, schnelle, viren, win, win32, überhaupt


« Windows konnte nicht gestartet werden,... | Trojaner entfernen »


Ähnliche Themen: Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)


  1. Avast Antivirus hat infizierte Dateien entdeckt
    Log-Analyse und Auswertung - 23.12.2014 (17)
  2. Avast hat bei Startzeit-Überprüfung BProtector gefunden
    Plagegeister aller Art und deren Bekämpfung - 04.06.2014 (7)
  3. Avast! Free "Startzeit-Überprüfung" - falschmeldungen?
    Plagegeister aller Art und deren Bekämpfung - 17.04.2014 (5)
  4. Mehrere Bedrohungen, infizierte Dateien nach Quickscan identifiziert!
    Log-Analyse und Auswertung - 19.01.2014 (7)
  5. Malwarebytes findet 6 infizierte Dateien
    Plagegeister aller Art und deren Bekämpfung - 19.11.2013 (7)
  6. Windows7: Malwarebytes entdeckt mehrere infizierte Dateien
    Log-Analyse und Auswertung - 13.11.2013 (10)
  7. MBAM findet 2 Infizierte Dateien
    Plagegeister aller Art und deren Bekämpfung - 15.08.2013 (11)
  8. Windows7|64-bit System|Avast meldet 5 infizierte Dateien
    Log-Analyse und Auswertung - 14.08.2013 (7)
  9. Antivir findet 3 infizierte Dateien 'EXP/Pidief.ej ; 'EXP/Java.HLP.A.1197; ADWARE/Adware.Gen
    Log-Analyse und Auswertung - 09.08.2013 (9)
  10. Malwarebytes findet 18 infizierte Dateien
    Plagegeister aller Art und deren Bekämpfung - 21.01.2013 (22)
  11. AntiVir findet nichts doch Malwarebytes findet 22 infizierte Dateien
    Plagegeister aller Art und deren Bekämpfung - 04.09.2012 (21)
  12. Malwarebytes findet Adware.GamePlayLab und 3 weitere infizierte Dateien von Poker Anbietern
    Plagegeister aller Art und deren Bekämpfung - 26.05.2012 (1)
  13. Mehrere Hundert infizierte Dateien - Stolen Data
    Plagegeister aller Art und deren Bekämpfung - 27.10.2011 (20)
  14. Malwarebytes findet 3 infizierte Dateien
    Plagegeister aller Art und deren Bekämpfung - 01.09.2011 (14)
  15. avast findet "giraffic.exe", danach findet malewarebytes 13 infizierte dateien..PUP.Hacktool.Patcher
    Log-Analyse und Auswertung - 26.08.2011 (5)
  16. Anti-Malware findet infizierte Objekte: Backdoor.Bot|Adware.Adparatus|Adware.ResultDns
    Plagegeister aller Art und deren Bekämpfung - 26.08.2010 (7)
  17. Darf ich Infizierte Dateien aus dem Avast Container löschen?
    Antiviren-, Firewall- und andere Schutzprogramme - 05.04.2007 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare) - Hey, nachdem ich in letzter Zeit öfter kleinere Probleme mit meinem Laptop hatte, habe ich mal auf Viren gescannt. Dabei ließ ich gestern zuerst eine schnelle Überprüfung mit Avast durchlaufen, - Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare)...
Archiv
Du betrachtest: Avast findet mehrere infizierte Dateien bei Startzeit-Überprüfung (u.a. AdWare) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19