Medion connect xl Rechner prüfen

deeprybka · 23.04.2014, 20:53

Hi,
so gehts weiter:

Schritt 1

Bitte deinstalliere folgende Programme:

Advanced System Protector
iLivid
MyPC Backup
Search-Results Toolbar

Versuche es über die Systemsteuerung/Programme deinstallieren. Sollte das nicht gehen,
machen wir es mit Revo.

Lade Dir dazu bitte Revo hier herunter.
Entpacke die zip-Datei auf den Desktop und starte die Revouninstaller.exe. Klicke auf Optionen und wähle als Sprache deutsch. Suche dann im Uninstallerfeld nach den oben angegebenen Programmen.

Klicke dann auf Uninstall.

Wähle dann den Modus wie auf dem Bild gezeigt. (Bild durch Anklicken vergrößerbar)

Solltest Du ein Programm nicht finden oder deinstallieren können, mache einfach mit den nächsten Schritt weiter...

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 4

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 5

Bitte starte FRST erneut, setze den Haken auch bei Addition.txt und drücke auf Scan.

Bitte poste mir die Inhalte der Logs von MBAM, Adwarecleaner, ESET und FRST hier in den Thread.

haiflosse · 25.04.2014, 00:10

Danke für die Antwort.
Hier die Daten.
Eset habe ich leider bei der Deinstallation das Logfile mit gelöscht. Danach habe ich versucht nochmals eset zu installieren und den Scan durchzuführen. Hat er aber kein neues Logfile mehr erstellt und danach hat der den Scan nie fertig gemacht.

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org


Update, 24.04.2014 06:04:10, SYSTEM, LAPTOP, Scheduler, Malware Database, 2014.4.23.9, 2014.4.24.3, 
Protection, 24.04.2014 06:04:12, SYSTEM, LAPTOP, Protection, Refresh, Starting, 
Protection, 24.04.2014 06:04:12, SYSTEM, LAPTOP, Protection, Malicious Website Protection, Stopping, 
Protection, 24.04.2014 06:04:12, SYSTEM, LAPTOP, Protection, Malicious Website Protection, Stopped, 
Protection, 24.04.2014 06:04:16, SYSTEM, LAPTOP, Protection, Refresh, Success, 
Protection, 24.04.2014 06:04:16, SYSTEM, LAPTOP, Protection, Malicious Website Protection, Starting, 
Protection, 24.04.2014 06:04:17, SYSTEM, LAPTOP, Protection, Malicious Website Protection, Started, 

(end)

Code:

ATTFilter

# AdwCleaner v3.202 - Bericht erstellt am 23/04/2014 um 23:41:45
# Aktualisiert 23/04/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : franz - LAPTOP
# Gestartet von : C:\Users\franz\Downloads\programme\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\BitGuard
Ordner Gelöscht : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\ProgramData\BrowserProtect
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\Search Results Toolbar
Ordner Gelöscht : C:\Users\franz\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\franz\AppData\LocalLow\searchresultstb
Ordner Gelöscht : C:\Users\franz\AppData\Roaming\Systweak

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\distromatic
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\iLividSRTB
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

*************************

AdwCleaner[R0].txt - [2894 octets] - [23/04/2014 23:40:39]
AdwCleaner[S0].txt - [2485 octets] - [23/04/2014 23:41:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2545 octets] ##########

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-04-2014
Ran by franz (administrator) on LAPTOP on 25-04-2014 01:08:53
Running from C:\Users\franz\Downloads\programme
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(PC Drivers Headquarters) C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PhotoDirector3\PhotoDirector3.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PhotoDirector3\OLRSubmission\OLRStateCheck.exe
() C:\Program Files (x86)\CyberLink\PhotoDirector3\OLRSubmission\OLRSubmission.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-16] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258576 2012-07-30] (CyberLink Corp.)
HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [320824 2012-08-16] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [LMgrOSD] => "C:\Program Files (x86)\Launch Manager\OSDCtrl.exe"
HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [388408 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-22] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-1895014420-3724956696-1138181978-1001\...\Run: [Driver Whiz] => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe [3976560 2013-09-19] (PC Drivers Headquarters)
HKU\S-1-5-21-1895014420-3724956696-1138181978-1001\...\MountPoints2: H - "H:\Autorun.exe" 
HKU\S-1-5-21-1895014420-3724956696-1138181978-1001\...\MountPoints2: {287d56b5-f056-11e1-be85-806e6f6e6963} - "G:\SETUP.EXE" 
HKU\S-1-5-21-1895014420-3724956696-1138181978-1001\...\MountPoints2: {951271eb-5744-11e2-be90-84a6c8038f35} - "H:\Autorun.exe" 
HKU\S-1-5-21-1895014420-3724956696-1138181978-1001\...\MountPoints2: {ff2922a4-5740-11e2-be8f-84a6c8038f35} - "H:\Autorun.exe" 
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.google.at/
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 
SearchScopes: HKCU - {F527FC21-36B5-4BB5-98A8-193783FB6D51} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.138

FireFox:
========
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-22] (AVAST Software)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2012-08-13] (Wistron Corp.)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-04-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-22] ()
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2010-07-27] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-07] (Intel Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-16] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-24 06:55 - 2014-04-24 06:55 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-23 23:39 - 2014-04-23 23:41 - 00000000 ____D () C:\AdwCleaner
2014-04-23 23:18 - 2014-04-25 01:03 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-23 23:18 - 2014-04-23 23:18 - 00001136 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-23 23:18 - 2014-04-23 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-23 23:18 - 2014-04-23 23:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-23 23:18 - 2014-04-23 23:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-23 23:18 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-23 23:18 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-23 23:18 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-22 23:05 - 2014-04-25 01:08 - 00000000 ____D () C:\FRST
2014-04-22 23:03 - 2014-04-25 01:08 - 00000000 ____D () C:\Users\franz\Downloads\programme
2014-04-22 22:55 - 2014-04-23 23:35 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-22 22:55 - 2014-04-22 22:55 - 00001980 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-22 22:55 - 2014-04-22 22:55 - 00000000 ____D () C:\Users\franz\AppData\Roaming\AVAST Software
2014-04-22 22:55 - 2014-04-22 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-22 22:54 - 2014-04-22 22:54 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-22 22:54 - 2014-04-22 22:54 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-22 22:54 - 2014-04-22 22:54 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-22 22:53 - 2014-04-22 22:53 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-22 22:47 - 2014-04-22 22:48 - 88882192 _____ (AVAST Software) C:\Users\franz\Downloads\avast_free_antivirus_setup_9_0_2018.exe
2014-04-22 00:01 - 2012-09-29 07:52 - 01070152 _____ (Microsoft Corporation) C:\Users\franz\Documents\MSCOMCTL.OCX
2014-04-22 00:01 - 1998-05-09 01:00 - 00129264 _____ (Microsoft Corporation) C:\Users\franz\Documents\IELABEL.OCX
2014-04-22 00:00 - 2005-04-15 19:58 - 01351392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COMCTL32.OCX
2014-04-21 23:53 - 2014-04-21 23:55 - 00001650 _____ () C:\Users\franz\Desktop\Aquatechnik.lnk
2014-04-21 23:46 - 2014-04-23 23:46 - 00000000 ____D () C:\Windows\AutoKMS
2014-04-21 23:46 - 2014-04-21 23:46 - 00003238 _____ () C:\Windows\System32\Tasks\AutoKMSCustom
2014-04-21 23:44 - 2014-04-21 23:44 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-04-21 23:12 - 2014-04-21 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-04-21 23:07 - 2014-04-21 23:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-21 23:06 - 2014-04-21 23:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-04-21 23:02 - 2014-04-21 23:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-21 23:02 - 2014-04-21 23:02 - 00000000 ____D () C:\Users\franz\AppData\Local\Microsoft Help
2014-04-21 23:02 - 2014-04-21 23:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-04-21 23:01 - 2014-04-21 23:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-21 23:00 - 2014-04-21 23:00 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-04-21 22:58 - 2014-04-21 22:58 - 00000000 __RHD () C:\MSOCache
2014-04-21 22:38 - 2014-04-22 22:51 - 00463032 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-21 22:34 - 2014-04-21 22:34 - 00000000 ____D () C:\Users\franz\AppData\Roaming\InstallShield
2014-04-21 22:10 - 2014-03-31 23:18 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-21 22:10 - 2014-03-31 23:18 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-18 13:39 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-18 13:39 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-18 13:39 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-04-18 13:39 - 2014-01-31 02:48 - 00564736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-18 13:39 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-04-18 13:39 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-18 13:39 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-04-18 13:39 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-18 13:39 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-18 13:39 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-18 13:39 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-18 13:39 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-18 13:39 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-18 13:39 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-18 13:39 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-18 13:39 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-18 13:38 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-18 13:38 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-18 13:38 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-18 13:38 - 2014-01-27 01:17 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-04-18 13:22 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-18 13:22 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-18 13:22 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-18 13:22 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-18 13:10 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-18 13:10 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-18 13:10 - 2014-03-07 02:47 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-18 13:10 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-18 13:10 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-18 13:10 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-18 13:10 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-18 13:10 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-18 13:10 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-11 08:07 - 2014-04-11 08:07 - 00041790 _____ () C:\Users\franz\Documents\flaschensuchenliste.xls
2014-04-05 08:47 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-05 08:47 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-05 08:46 - 2013-12-05 01:43 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-05 08:46 - 2013-12-05 01:37 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-04-05 08:45 - 2014-02-08 06:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-05 08:45 - 2013-12-09 02:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-05 08:45 - 2013-12-09 01:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-05 08:45 - 2013-10-25 09:34 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-04-05 08:45 - 2013-10-25 00:34 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-04-05 08:41 - 2013-11-26 01:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-04-05 08:41 - 2013-10-31 07:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-04-05 08:41 - 2013-10-31 07:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-04-05 08:41 - 2013-10-31 06:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-04-05 08:41 - 2013-10-31 05:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-04-05 08:41 - 2013-10-28 07:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-04-05 08:41 - 2013-10-28 06:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-04-05 08:41 - 2013-10-13 22:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-04-05 08:41 - 2013-08-27 07:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-04-05 08:41 - 2013-08-27 07:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-04-05 08:41 - 2013-08-27 00:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-04-05 08:41 - 2013-08-27 00:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-04-05 08:40 - 2013-12-05 01:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-04-05 08:40 - 2013-12-05 01:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-04-05 08:39 - 2014-01-13 01:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-05 08:39 - 2014-01-13 01:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-04-05 08:39 - 2013-11-20 02:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-05 08:39 - 2013-11-20 01:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-04-05 08:33 - 2014-02-06 01:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-05 08:33 - 2014-02-06 01:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

==================== One Month Modified Files and Folders =======

2014-04-25 01:08 - 2014-04-22 23:05 - 00000000 ____D () C:\FRST
2014-04-25 01:08 - 2014-04-22 23:03 - 00000000 ____D () C:\Users\franz\Downloads\programme
2014-04-25 01:07 - 2012-12-22 09:26 - 00000000 ____D () C:\Users\franz\AppData\Local\CyberLink
2014-04-25 01:04 - 2013-01-15 14:02 - 00051200 ___SH () C:\Users\franz\Desktop\Thumbs.db
2014-04-25 01:04 - 2012-12-22 09:26 - 00000000 ____D () C:\Users\franz\Documents\Youcam
2014-04-25 01:03 - 2014-04-23 23:18 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-25 01:03 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-24 18:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-04-24 14:16 - 2012-08-14 14:01 - 00193450 _____ () C:\Windows\PFRO.log
2014-04-24 06:55 - 2014-04-24 06:55 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-24 01:57 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-04-23 23:46 - 2014-04-21 23:46 - 00000000 ____D () C:\Windows\AutoKMS
2014-04-23 23:41 - 2014-04-23 23:39 - 00000000 ____D () C:\AdwCleaner
2014-04-23 23:41 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-04-23 23:35 - 2014-04-22 22:55 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-23 23:33 - 2012-08-14 07:31 - 00000000 ____D () C:\Windows\PCHEALTH
2014-04-23 23:31 - 2012-12-22 09:31 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1895014420-3724956696-1138181978-1001
2014-04-23 23:25 - 2012-12-22 09:22 - 01705610 _____ () C:\Windows\WindowsUpdate.log
2014-04-23 23:18 - 2014-04-23 23:18 - 00001136 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-23 23:18 - 2014-04-23 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-23 23:18 - 2014-04-23 23:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-23 23:18 - 2014-04-23 23:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-23 23:13 - 2012-12-22 09:25 - 00000000 ___RD () C:\Users\franz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-22 22:55 - 2014-04-22 22:55 - 00001980 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-22 22:55 - 2014-04-22 22:55 - 00000000 ____D () C:\Users\franz\AppData\Roaming\AVAST Software
2014-04-22 22:55 - 2014-04-22 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-22 22:54 - 2014-04-22 22:54 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-22 22:54 - 2014-04-22 22:54 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-22 22:54 - 2014-04-22 22:54 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-22 22:53 - 2014-04-22 22:53 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-22 22:51 - 2014-04-21 22:38 - 00463032 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-22 22:48 - 2014-04-22 22:47 - 88882192 _____ (AVAST Software) C:\Users\franz\Downloads\avast_free_antivirus_setup_9_0_2018.exe
2014-04-21 23:55 - 2014-04-21 23:53 - 00001650 _____ () C:\Users\franz\Desktop\Aquatechnik.lnk
2014-04-21 23:46 - 2014-04-21 23:46 - 00003238 _____ () C:\Windows\System32\Tasks\AutoKMSCustom
2014-04-21 23:44 - 2014-04-21 23:44 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-04-21 23:13 - 2014-04-21 23:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-21 23:12 - 2014-04-21 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-04-21 23:11 - 2012-07-26 09:52 - 00000000 ____D () C:\Windows\ShellNew
2014-04-21 23:09 - 2014-04-21 23:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-04-21 23:07 - 2014-04-21 23:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-21 23:06 - 2014-04-21 23:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-21 23:05 - 2012-07-26 07:26 - 00000167 _____ () C:\Windows\win.ini
2014-04-21 23:02 - 2014-04-21 23:02 - 00000000 ____D () C:\Users\franz\AppData\Local\Microsoft Help
2014-04-21 23:02 - 2014-04-21 23:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-04-21 23:01 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-04-21 23:00 - 2014-04-21 23:00 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-04-21 22:58 - 2014-04-21 22:58 - 00000000 __RHD () C:\MSOCache
2014-04-21 22:51 - 2012-12-22 10:26 - 00000967 _____ () C:\Windows\ODBCINST.INI
2014-04-21 22:51 - 2012-12-22 10:26 - 00000777 _____ () C:\Windows\ODBC.INI
2014-04-21 22:51 - 2012-12-22 10:26 - 00000011 _____ () C:\Windows\exchng.ini
2014-04-21 22:51 - 2012-12-22 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office97
2014-04-21 22:51 - 2012-12-22 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Nachschlagewerke
2014-04-21 22:51 - 2012-12-22 10:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office97
2014-04-21 22:51 - 2012-07-26 10:12 - 00000000 __RSD () C:\Windows\Media
2014-04-21 22:50 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\System
2014-04-21 22:50 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\Help
2014-04-21 22:45 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
2014-04-21 22:44 - 2012-08-14 05:50 - 00754172 _____ () C:\Windows\system32\perfh007.dat
2014-04-21 22:44 - 2012-08-14 05:50 - 00156362 _____ () C:\Windows\system32\perfc007.dat
2014-04-21 22:44 - 2012-07-26 09:28 - 01748838 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-21 22:34 - 2014-04-21 22:34 - 00000000 ____D () C:\Users\franz\AppData\Roaming\InstallShield
2014-04-21 22:10 - 2012-12-22 09:25 - 00000000 ___RD () C:\Users\franz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-21 22:06 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-04-21 22:06 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-04-21 22:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-21 22:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-21 22:05 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-04-21 22:05 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-04-21 21:04 - 2013-08-19 08:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-21 21:01 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-04-18 13:41 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-16 08:34 - 2012-12-22 09:24 - 00000000 ____D () C:\Users\franz
2014-04-11 08:07 - 2014-04-11 08:07 - 00041790 _____ () C:\Users\franz\Documents\flaschensuchenliste.xls
2014-04-10 18:11 - 2013-01-05 16:59 - 00002188 ____H () C:\Users\franz\Documents\Default.rdp
2014-04-03 09:51 - 2014-04-23 23:18 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-23 23:18 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-23 23:18 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 23:18 - 2014-04-21 22:10 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:18 - 2014-04-21 22:10 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-31 03:51 - 2012-12-27 12:37 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\franz\AppData\Local\Temp\avgnt.exe
C:\Users\franz\AppData\Local\Temp\BackupSetup.exe
C:\Users\franz\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\franz\AppData\Local\Temp\Delta.exe
C:\Users\franz\AppData\Local\Temp\DeltaTB.exe
C:\Users\franz\AppData\Local\Temp\MybabylonTB.exe
C:\Users\franz\AppData\Local\Temp\ose00000.exe
C:\Users\franz\AppData\Local\Temp\propsys.dll
C:\Users\franz\AppData\Local\Temp\Quarantine.exe
C:\Users\franz\AppData\Local\Temp\WSSetup.exe
C:\Users\franz\AppData\Local\Temp\_is63B6.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-24 01:12

==================== End Of Log ============================

--- --- ---

Danke

deeprybka · 25.04.2014, 05:06

Hallo, bitte das Suchlaufprotokoll von MBAM posten...

haiflosse · 25.04.2014, 17:18

Sorry, hier nun das richtige Suchlauffile

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 23.04.2014
Suchlauf-Zeit: 23:31:47
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.23.09
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: franz

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 252023
Verstrichene Zeit: 11 Min, 16 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 6
PUP.Optional.SearchResults.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{377e5d4d-77e5-476a-8716-7e70a9272da0}, In Quarantäne, [c93721df629ed0309c66dc3df70b26da], 
PUP.Optional.SearchResults.A, HKU\S-1-5-21-1895014420-3724956696-1138181978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{377E5D4D-77E5-476A-8716-7E70A9272DA0}, In Quarantäne, [c93721df629ed0309c66dc3df70b26da], 
PUP.Optional.SearchResults.A, HKU\S-1-5-21-1895014420-3724956696-1138181978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{377E5D4D-77E5-476A-8716-7E70A9272DA0}, In Quarantäne, [c93721df629ed0309c66dc3df70b26da], 
PUP.Optional.SearchResults.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{377E5D4D-77E5-476A-8716-7E70A9272DA0}, In Quarantäne, [c93721df629ed0309c66dc3df70b26da], 
PUP.Optional.Datamngr.A, HKU\S-1-5-21-1895014420-3724956696-1138181978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}, In Quarantäne, [d12f728ed42c39c7a3871f306c967c84], 
PUP.Optional.Softonic.A, HKU\S-1-5-21-1895014420-3724956696-1138181978-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [23dd87797888dc2420bad7998a78bc44], 

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 4
PUP.Optional.Datamngr.A, C:\PROGRAM FILES (X86)\SEARCH RESULTS TOOLBAR\Datamngr, In Quarantäne, [1de3cc348a7688783cd3b4adbb476f91], 
PUP.Optional.Datamngr.A, C:\PROGRAM FILES (X86)\SEARCH RESULTS TOOLBAR\Datamngr\x64, In Quarantäne, [1de3cc348a7688783cd3b4adbb476f91], 
PUP.Optional.MoviesToolbar.A, C:\PROGRAM FILES (X86)\MOVIES TOOLBAR\Datamngr, Löschen bei Neustart, [27d9b749f10f9d6377067be68b77a35d], 
PUP.Optional.MoviesToolbar.A, C:\PROGRAM FILES (X86)\MOVIES TOOLBAR\Datamngr\x64, Löschen bei Neustart, [27d9b749f10f9d6377067be68b77a35d], 

Dateien: 11
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, In Quarantäne, [7090e020e61a44bcb4b586f6ca38e11f], 
PUP.Optional.Datamngr.A, C:\Program Files (x86)\Search Results Toolbar\Datamngr\del_DM_DLL_nsx80E9.dll, In Quarantäne, [1de3cc348a7688783cd3b4adbb476f91], 
PUP.Optional.Datamngr.A, C:\Program Files (x86)\Search Results Toolbar\Datamngr\del_DM_LL_nsx80E9.dll, In Quarantäne, [1de3cc348a7688783cd3b4adbb476f91], 
PUP.Optional.Datamngr.A, C:\Program Files (x86)\Search Results Toolbar\Datamngr\del_IEBHO_nsx80E9.dll, In Quarantäne, [1de3cc348a7688783cd3b4adbb476f91], 
PUP.Optional.Datamngr.A, C:\Program Files (x86)\Search Results Toolbar\Datamngr\del_mg_nsx80E9.dll, In Quarantäne, [1de3cc348a7688783cd3b4adbb476f91], 
PUP.Optional.Datamngr.A, C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\del_BHO_nsx80E9.dll, In Quarantäne, [1de3cc348a7688783cd3b4adbb476f91], 
PUP.Optional.Datamngr.A, C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\del_DM_DLL_nsx80E9.dll, In Quarantäne, [1de3cc348a7688783cd3b4adbb476f91], 
PUP.Optional.Datamngr.A, C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\del_DM_LL_nsx80E9.dll, In Quarantäne, [1de3cc348a7688783cd3b4adbb476f91], 
PUP.Optional.Datamngr.A, C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\del_mg_nsx80E9.dll, In Quarantäne, [1de3cc348a7688783cd3b4adbb476f91], 
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\del_DM_LL_nsm6A23.dll, Löschen bei Neustart, [27d9b749f10f9d6377067be68b77a35d], 
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\del_DM_LL_nsm6A23.dll, Löschen bei Neustart, [27d9b749f10f9d6377067be68b77a35d], 

Physische Sektoren: 0
(No malicious items detected)


(end)

Hoffe du kannst mir noch weiterhelfen.
Danke

deeprybka · 25.04.2014, 20:08

OK, als Alternative für ESET nehmen wir einen anderen Scanner.

Schritt 1

Downloade Dir HitmanPro

auf Deinen Desktop:

HitmanPro - 32 Bit
HitmanPro - 64 Bit

Starte die HitmanPro.exe
Klicke unten auf der Button-Leiste auf Einstellungen
Belasse die Standardeinstellungen und wähle nur bei "Nach potentiell unerwünschten Programmen suchen" als "Standardaktion" Löschen aus und bestätige mit Ok.
Klicke auf Weiter und akzeptiere die Lizenzbedingungen. Klicke auf Weiter.
Wähle "Nein, ich möchte nur einen Einmalscan zur Überprüfung dieses Computers ausführen" aus und klicke auf Weiter.
Lass am Ende des Suchlaufs alle auftretende Funde löschen und klicke auf Weiter.
Wähle unten links auf der Button-Leiste Logdatei speichern und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro.

Poste bitte den Inhalt der HitmanPro_<Datum_Uhrzeit>.txt mit Deiner nächsten Antwort.

Schritt 2

Bitte starte FRST erneut, setze den Haken auch bei Addition.txt und drücke auf Scan.

haiflosse · 26.04.2014, 22:51

Danke für die Hilfe.
Hier die Ergebnisse:

Code:

ATTFilter


	Code: 

 ATTFilter

  
	HitmanPro 3.7.9.216
www.hitmanpro.com

   Computer name . . . . : LAPTOP
   Windows . . . . . . . : 6.2.0.9200.X64/4
   User name . . . . . . : Laptop\franz
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2014-04-26 23:43:18
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 4m 16s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 9

   Objects scanned . . . : 1*635*560
   Files scanned . . . . : 30*326
   Remnants scanned  . . : 413*400 files / 1*191*834 keys

Potential Unwanted Programs _________________________________________________

   HKU\S-1-5-21-1895014420-3724956696-1138181978-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} (iLivid)

Cookies _____________________________________________________________________

   C:\Users\franz\AppData\Roaming\Microsoft\Windows\Cookies\0M58QHOO.txt
   C:\Users\franz\AppData\Roaming\Microsoft\Windows\Cookies\4QN4202W.txt
   C:\Users\franz\AppData\Roaming\Microsoft\Windows\Cookies\B32ZK8CL.txt
   C:\Users\franz\AppData\Roaming\Microsoft\Windows\Cookies\G3K8AO62.txt
   C:\Users\franz\AppData\Roaming\Microsoft\Windows\Cookies\ITTPXR5Q.txt
   C:\Users\franz\AppData\Roaming\Microsoft\Windows\Cookies\Q79ZZLDO.txt
   C:\Users\franz\AppData\Roaming\Microsoft\Windows\Cookies\QB60H03T.txt
   C:\Users\franz\AppData\Roaming\Microsoft\Windows\Cookies\QXDG9ZTO.txt

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-04-2014
Ran by franz at 2014-04-26 23:50:05
Running from C:\Users\franz\Downloads\programme
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

A1 Dashboard (HKLM-x32\...\A1 Dashboard) (Version: 1.17.0.0 - A1 Telekom Austria AG)
A1 Dashboard (x32 Version: 1.17.0.0 - A1 Telekom Austria AG) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.181.34 - Adobe Systems Incorporated)
Adobe PageMaker 7.0 (HKLM-x32\...\Adobe PageMaker 7.0) (Version: 7.0.1 - Adobe Systems, Inc.)
Ashampoo AppLauncher (Medion) v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher (Medion)_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Capture (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Content (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Draw (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Filters (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - FontNav (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics SUite X4 - ICA (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - IPM (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang DE (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - PP (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - VBA (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version:  - Corel Corporation)
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (x32 Version: 1.0 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 (HKLM-x32\...\_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version:  - Corel Corporation)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3111_44883 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3124 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.3124 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (x32 Version: 8.0.0.1920 - CyberLink Corp.) Hidden
CyberLink PowerDirector (Version: 9.0.0.3815c - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4125.02 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy 1.5 (x32 Version: 1.5.2715b - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0814 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.0814 - CyberLink Corp.) Hidden
CyberLink YouCam 5 (x32 Version: 5.0.1930 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Whiz (HKLM-x32\...\{0B540DA4-41AE-4B79-BEAB-0F07E09669AB}) (Version: 8.1 - Driver Whiz)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
HOFER Bestellsoftware 4.9.6 (HKLM-x32\...\HOFER Bestellsoftware) (Version: 4.9.6 - ORWO Net)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{99FDAE3B-6905-45A6-8F73-595363AAD3D1}) (Version: 15.05.1000.1411 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.8 - Wistron Corp.)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Medion Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Medion Home Cinema 10 (x32 Version: 10.1924 - CyberLink Corp.) Hidden
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
QuickLaunch (HKLM-x32\...\{A802F1E3-34C8-4C84-9948-C1C4E37D0FA9}) (Version: 1.00.0019 - Lenovo Group Limited)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.5 - Synaptics Incorporated)
Visual Basic for Applications (R) Core - English (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core - German (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

22-04-2014 20:53:49 avast! antivirus system restore point

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {42EEF210-471C-4C1B-92C1-0172348E7FDF} - System32\Tasks\Driver Whiz-RTMRules => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe [2013-09-19] (PC Drivers Headquarters)
Task: {4DEACA03-F6FF-46B1-B064-15E1156ACFDF} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-16] (Synaptics Incorporated)
Task: {5CBCECBC-9402-4786-945E-BFE1BCFFF328} - System32\Tasks\AutoKMSCustom => C:\Windows\AutoKMS\AutoKMS.exe [2014-04-21] ()
Task: {6BA3EA02-EFF5-4FFC-8F69-BB28F10002C1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-22] (AVAST Software)
Task: {6DF8815E-74D9-4944-A1F1-4C82E6E321D6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {7F98C161-7B61-457D-B002-E299FA2DB947} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {A1475358-C911-4493-9F29-B9094BAA92B3} - System32\Tasks\Driver Whiz-RTMScanRunOnce => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe [2013-09-19] (PC Drivers Headquarters)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B94521DC-DBE9-4214-84CF-87FADC242C0D} - System32\Tasks\Driver Whiz-RTMUpdater => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe [2013-09-19] (PC Drivers Headquarters)
Task: {BB8DFBA1-34F6-4116-9D41-960E2FD4F0DE} - System32\Tasks\Driver Whiz-RTMScan => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe [2013-09-19] (PC Drivers Headquarters)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {EF6A3C2D-1F7A-4850-A8B8-7B973017ED2A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {FFBDDB35-B666-4699-A9A7-890A2035B6FB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe

==================== Loaded Modules (whitelisted) =============

2012-08-14 08:15 - 2010-08-19 11:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2012-08-14 07:57 - 2012-08-03 18:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-19 10:00 - 2013-09-19 10:00 - 00684416 _____ () C:\Program Files (x86)\Driver Whiz\Driver Whiz\ThemePack.DriverWhiz.dll
2013-09-19 09:31 - 2013-09-19 09:31 - 00412064 _____ () C:\Program Files (x86)\Driver Whiz\Driver Whiz\Agent.Communication.XmlSerializers.dll
2014-04-24 14:18 - 2014-04-24 14:18 - 02215936 _____ () C:\Program Files\AVAST Software\Avast\defs\14042400\algo.dll
2014-04-25 01:04 - 2014-04-25 01:04 - 02215936 _____ () C:\Program Files\AVAST Software\Avast\defs\14042401\algo.dll
2014-04-24 03:05 - 2014-04-24 03:05 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b1c5b85477b09ceb4fa27fdf6e37e617\PSIClient.ni.dll
2012-08-14 08:45 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-08-14 08:13 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-04-22 22:54 - 2014-04-22 22:54 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (04/25/2014 01:04:49 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (04/25/2014 01:04:11 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.5.0.2, Zeitstempel: 0x50070789
Name des fehlerhaften Moduls: MurocApi.dll, Version: 15.5.0.1, Zeitstempel: 0x500706ce
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000026390
ID des fehlerhaften Prozesses: 0x5e0
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Vollständiger Name des fehlerhaften Pakets: ZeroConfigService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ZeroConfigService.exe5

Error: (04/24/2014 06:30:27 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (04/24/2014 02:18:20 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.5.0.2, Zeitstempel: 0x50070789
Name des fehlerhaften Moduls: MurocApi.dll, Version: 15.5.0.1, Zeitstempel: 0x500706ce
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000026390
ID des fehlerhaften Prozesses: 0xac0
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Vollständiger Name des fehlerhaften Pakets: ZeroConfigService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ZeroConfigService.exe5

Error: (04/24/2014 02:18:00 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (04/24/2014 02:17:50 PM) (Source: ESENT) (User: )
Description: taskhostex (4032) WebCacheLocal: Fehler -1032 (0xfffffbf8) beim Öffnen von Protokolldatei C:\Users\franz\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (04/24/2014 02:17:50 PM) (Source: ESENT) (User: )
Description: taskhostex (4032) WebCacheLocal: Versuch, Datei "C:\Users\franz\AppData\Local\Microsoft\Windows\WebCache\V01.log" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (04/24/2014 06:55:42 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (04/24/2014 06:55:40 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (04/24/2014 01:21:33 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.


System errors:
=============
Error: (04/25/2014 01:04:41 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (04/25/2014 01:04:15 AM) (Source: Service Control Manager) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/25/2014 01:04:05 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (04/25/2014 01:03:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (04/25/2014 01:02:48 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎24.‎04.‎2014 um 18:16:41 unerwartet heruntergefahren.

Error: (04/25/2014 01:02:32 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (04/24/2014 02:18:45 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (04/24/2014 02:18:33 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/24/2014 02:18:21 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (04/24/2014 02:16:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127


Microsoft Office Sessions:
=========================
Error: (04/25/2014 01:04:49 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\franz\Downloads\programme\esetsmartinstaller_enu.exe

Error: (04/25/2014 01:04:11 AM) (Source: Application Error)(User: )
Description: ZeroConfigService.exe15.5.0.250070789MurocApi.dll15.5.0.1500706cec000000500000000000263905e001cf6011645f5b47C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dllbedf768d-cc04-11e3-beb5-84a6c8038f35

Error: (04/24/2014 06:30:27 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\franz\Downloads\programme\esetsmartinstaller_enu.exe

Error: (04/24/2014 02:18:20 PM) (Source: Application Error)(User: )
Description: ZeroConfigService.exe15.5.0.250070789MurocApi.dll15.5.0.1500706cec00000050000000000026390ac001cf5fb72207a09aC:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dll85ade822-cbaa-11e3-beb4-84a6c8038f35

Error: (04/24/2014 02:18:00 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (04/24/2014 02:17:50 PM) (Source: ESENT)(User: )
Description: taskhostex4032WebCacheLocal: C:\Users\franz\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)

Error: (04/24/2014 02:17:50 PM) (Source: ESENT)(User: )
Description: taskhostex4032WebCacheLocal: C:\Users\franz\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (04/24/2014 06:55:42 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\franz\Downloads\programme\esetsmartinstaller_enu.exe

Error: (04/24/2014 06:55:40 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\franz\Downloads\programme\esetsmartinstaller_enu.exe

Error: (04/24/2014 01:21:33 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe


==================== Memory info =========================== 

Percentage of memory in use: 39%
Total physical RAM: 3961.66 MB
Available physical RAM: 2380.45 MB
Total Pagefile: 15737.66 MB
Available Pagefile: 14176.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:450.07 GB) (Free:399.08 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:43.28 GB) NTFS
Drive e: (Volume) (Fixed) (Total:419.92 GB) (Free:418.94 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-04-2014
Ran by franz (administrator) on LAPTOP on 26-04-2014 23:49:28
Running from C:\Users\franz\Downloads\programme
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(PC Drivers Headquarters) C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-16] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258576 2012-07-30] (CyberLink Corp.)
HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [320824 2012-08-16] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [LMgrOSD] => "C:\Program Files (x86)\Launch Manager\OSDCtrl.exe"
HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [388408 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-22] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-1895014420-3724956696-1138181978-1001\...\Run: [Driver Whiz] => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe [3976560 2013-09-19] (PC Drivers Headquarters)
HKU\S-1-5-21-1895014420-3724956696-1138181978-1001\...\MountPoints2: H - "H:\Autorun.exe" 
HKU\S-1-5-21-1895014420-3724956696-1138181978-1001\...\MountPoints2: {287d56b5-f056-11e1-be85-806e6f6e6963} - "G:\SETUP.EXE" 
HKU\S-1-5-21-1895014420-3724956696-1138181978-1001\...\MountPoints2: {951271eb-5744-11e2-be90-84a6c8038f35} - "H:\Autorun.exe" 
HKU\S-1-5-21-1895014420-3724956696-1138181978-1001\...\MountPoints2: {ff2922a4-5740-11e2-be8f-84a6c8038f35} - "H:\Autorun.exe" 
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.google.at/
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 
SearchScopes: HKCU - {F527FC21-36B5-4BB5-98A8-193783FB6D51} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.138

FireFox:
========
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-22] (AVAST Software)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2012-08-13] (Wistron Corp.)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-04-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-22] ()
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2010-07-27] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-07] (Intel Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-16] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-26 23:41 - 2014-04-26 23:48 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-04-24 06:55 - 2014-04-24 06:55 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-23 23:39 - 2014-04-23 23:41 - 00000000 ____D () C:\AdwCleaner
2014-04-23 23:18 - 2014-04-26 23:39 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-23 23:18 - 2014-04-23 23:18 - 00001136 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-23 23:18 - 2014-04-23 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-23 23:18 - 2014-04-23 23:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-23 23:18 - 2014-04-23 23:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-23 23:18 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-23 23:18 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-23 23:18 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-22 23:05 - 2014-04-26 23:49 - 00000000 ____D () C:\FRST
2014-04-22 23:03 - 2014-04-26 23:49 - 00000000 ____D () C:\Users\franz\Downloads\programme
2014-04-22 22:55 - 2014-04-23 23:35 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-22 22:55 - 2014-04-22 22:55 - 00001980 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-22 22:55 - 2014-04-22 22:55 - 00000000 ____D () C:\Users\franz\AppData\Roaming\AVAST Software
2014-04-22 22:55 - 2014-04-22 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-22 22:54 - 2014-04-22 22:54 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-22 22:54 - 2014-04-22 22:54 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-22 22:54 - 2014-04-22 22:54 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-22 22:53 - 2014-04-22 22:53 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-22 22:47 - 2014-04-22 22:48 - 88882192 _____ (AVAST Software) C:\Users\franz\Downloads\avast_free_antivirus_setup_9_0_2018.exe
2014-04-22 00:01 - 2012-09-29 07:52 - 01070152 _____ (Microsoft Corporation) C:\Users\franz\Documents\MSCOMCTL.OCX
2014-04-22 00:01 - 1998-05-09 01:00 - 00129264 _____ (Microsoft Corporation) C:\Users\franz\Documents\IELABEL.OCX
2014-04-22 00:00 - 2005-04-15 19:58 - 01351392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COMCTL32.OCX
2014-04-21 23:53 - 2014-04-21 23:55 - 00001650 _____ () C:\Users\franz\Desktop\Aquatechnik.lnk
2014-04-21 23:46 - 2014-04-23 23:46 - 00000000 ____D () C:\Windows\AutoKMS
2014-04-21 23:46 - 2014-04-21 23:46 - 00003238 _____ () C:\Windows\System32\Tasks\AutoKMSCustom
2014-04-21 23:44 - 2014-04-21 23:44 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-04-21 23:12 - 2014-04-21 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-04-21 23:07 - 2014-04-21 23:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-21 23:06 - 2014-04-21 23:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-04-21 23:02 - 2014-04-21 23:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-21 23:02 - 2014-04-21 23:02 - 00000000 ____D () C:\Users\franz\AppData\Local\Microsoft Help
2014-04-21 23:02 - 2014-04-21 23:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-04-21 23:01 - 2014-04-21 23:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-21 23:00 - 2014-04-21 23:00 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-04-21 22:58 - 2014-04-21 22:58 - 00000000 __RHD () C:\MSOCache
2014-04-21 22:38 - 2014-04-22 22:51 - 00463032 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-21 22:34 - 2014-04-21 22:34 - 00000000 ____D () C:\Users\franz\AppData\Roaming\InstallShield
2014-04-21 22:10 - 2014-03-31 23:18 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-21 22:10 - 2014-03-31 23:18 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-18 13:39 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-18 13:39 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-18 13:39 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-04-18 13:39 - 2014-01-31 02:48 - 00564736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-18 13:39 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-04-18 13:39 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-18 13:39 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-04-18 13:39 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-18 13:39 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-18 13:39 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-18 13:39 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-18 13:39 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-18 13:39 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-18 13:39 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-18 13:39 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-18 13:39 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-18 13:38 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-18 13:38 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-18 13:38 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-18 13:38 - 2014-01-27 01:17 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-04-18 13:22 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-18 13:22 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-18 13:22 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-18 13:22 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-18 13:10 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-18 13:10 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-18 13:10 - 2014-03-07 02:47 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-18 13:10 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-18 13:10 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-18 13:10 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-18 13:10 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-18 13:10 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-18 13:10 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-11 08:07 - 2014-04-11 08:07 - 00041790 _____ () C:\Users\franz\Documents\flaschensuchenliste.xls
2014-04-05 08:47 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-05 08:47 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-05 08:46 - 2013-12-05 01:43 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-05 08:46 - 2013-12-05 01:37 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-04-05 08:45 - 2014-02-08 06:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-05 08:45 - 2013-12-09 02:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-05 08:45 - 2013-12-09 01:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-05 08:45 - 2013-10-25 09:34 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-04-05 08:45 - 2013-10-25 00:34 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-04-05 08:41 - 2013-11-26 01:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-04-05 08:41 - 2013-10-31 07:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-04-05 08:41 - 2013-10-31 07:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-04-05 08:41 - 2013-10-31 06:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-04-05 08:41 - 2013-10-31 05:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-04-05 08:41 - 2013-10-28 07:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-04-05 08:41 - 2013-10-28 06:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-04-05 08:41 - 2013-10-13 22:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-04-05 08:41 - 2013-08-27 07:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-04-05 08:41 - 2013-08-27 07:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-04-05 08:41 - 2013-08-27 00:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-04-05 08:41 - 2013-08-27 00:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-04-05 08:40 - 2013-12-05 01:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-04-05 08:40 - 2013-12-05 01:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-04-05 08:39 - 2014-01-13 01:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-05 08:39 - 2014-01-13 01:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-04-05 08:39 - 2013-11-20 02:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-05 08:39 - 2013-11-20 01:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-04-05 08:33 - 2014-02-06 01:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-05 08:33 - 2014-02-06 01:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

==================== One Month Modified Files and Folders =======

2014-04-26 23:49 - 2014-04-22 23:05 - 00000000 ____D () C:\FRST
2014-04-26 23:49 - 2014-04-22 23:03 - 00000000 ____D () C:\Users\franz\Downloads\programme
2014-04-26 23:48 - 2014-04-26 23:41 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-04-26 23:48 - 2012-12-22 09:22 - 01736947 _____ () C:\Windows\WindowsUpdate.log
2014-04-26 23:40 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-04-26 23:39 - 2014-04-23 23:18 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-26 23:39 - 2012-12-22 09:26 - 00000000 ____D () C:\Users\franz\Documents\Youcam
2014-04-25 01:07 - 2012-12-22 09:26 - 00000000 ____D () C:\Users\franz\AppData\Local\CyberLink
2014-04-25 01:04 - 2013-01-15 14:02 - 00051200 ___SH () C:\Users\franz\Desktop\Thumbs.db
2014-04-25 01:03 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-24 14:16 - 2012-08-14 14:01 - 00193450 _____ () C:\Windows\PFRO.log
2014-04-24 06:55 - 2014-04-24 06:55 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-24 01:57 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-04-23 23:46 - 2014-04-21 23:46 - 00000000 ____D () C:\Windows\AutoKMS
2014-04-23 23:41 - 2014-04-23 23:39 - 00000000 ____D () C:\AdwCleaner
2014-04-23 23:41 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-04-23 23:35 - 2014-04-22 22:55 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-23 23:33 - 2012-08-14 07:31 - 00000000 ____D () C:\Windows\PCHEALTH
2014-04-23 23:31 - 2012-12-22 09:31 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1895014420-3724956696-1138181978-1001
2014-04-23 23:18 - 2014-04-23 23:18 - 00001136 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-23 23:18 - 2014-04-23 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-23 23:18 - 2014-04-23 23:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-23 23:18 - 2014-04-23 23:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-23 23:13 - 2012-12-22 09:25 - 00000000 ___RD () C:\Users\franz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-22 22:55 - 2014-04-22 22:55 - 00001980 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-22 22:55 - 2014-04-22 22:55 - 00000000 ____D () C:\Users\franz\AppData\Roaming\AVAST Software
2014-04-22 22:55 - 2014-04-22 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-22 22:54 - 2014-04-22 22:54 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-22 22:54 - 2014-04-22 22:54 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-22 22:54 - 2014-04-22 22:54 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-22 22:53 - 2014-04-22 22:53 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-22 22:51 - 2014-04-21 22:38 - 00463032 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-22 22:48 - 2014-04-22 22:47 - 88882192 _____ (AVAST Software) C:\Users\franz\Downloads\avast_free_antivirus_setup_9_0_2018.exe
2014-04-21 23:55 - 2014-04-21 23:53 - 00001650 _____ () C:\Users\franz\Desktop\Aquatechnik.lnk
2014-04-21 23:46 - 2014-04-21 23:46 - 00003238 _____ () C:\Windows\System32\Tasks\AutoKMSCustom
2014-04-21 23:44 - 2014-04-21 23:44 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-04-21 23:13 - 2014-04-21 23:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-21 23:12 - 2014-04-21 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-04-21 23:11 - 2012-07-26 09:52 - 00000000 ____D () C:\Windows\ShellNew
2014-04-21 23:09 - 2014-04-21 23:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-04-21 23:07 - 2014-04-21 23:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-21 23:06 - 2014-04-21 23:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-21 23:05 - 2012-07-26 07:26 - 00000167 _____ () C:\Windows\win.ini
2014-04-21 23:02 - 2014-04-21 23:02 - 00000000 ____D () C:\Users\franz\AppData\Local\Microsoft Help
2014-04-21 23:02 - 2014-04-21 23:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-04-21 23:01 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-04-21 23:00 - 2014-04-21 23:00 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-04-21 22:58 - 2014-04-21 22:58 - 00000000 __RHD () C:\MSOCache
2014-04-21 22:51 - 2012-12-22 10:26 - 00000967 _____ () C:\Windows\ODBCINST.INI
2014-04-21 22:51 - 2012-12-22 10:26 - 00000777 _____ () C:\Windows\ODBC.INI
2014-04-21 22:51 - 2012-12-22 10:26 - 00000011 _____ () C:\Windows\exchng.ini
2014-04-21 22:51 - 2012-12-22 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office97
2014-04-21 22:51 - 2012-12-22 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Nachschlagewerke
2014-04-21 22:51 - 2012-12-22 10:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office97
2014-04-21 22:51 - 2012-07-26 10:12 - 00000000 __RSD () C:\Windows\Media
2014-04-21 22:50 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\System
2014-04-21 22:50 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\Help
2014-04-21 22:45 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
2014-04-21 22:44 - 2012-08-14 05:50 - 00754172 _____ () C:\Windows\system32\perfh007.dat
2014-04-21 22:44 - 2012-08-14 05:50 - 00156362 _____ () C:\Windows\system32\perfc007.dat
2014-04-21 22:44 - 2012-07-26 09:28 - 01748838 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-21 22:34 - 2014-04-21 22:34 - 00000000 ____D () C:\Users\franz\AppData\Roaming\InstallShield
2014-04-21 22:10 - 2012-12-22 09:25 - 00000000 ___RD () C:\Users\franz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-21 22:06 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-04-21 22:06 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-04-21 22:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-21 22:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-21 22:05 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-04-21 22:05 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-04-21 21:04 - 2013-08-19 08:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-21 21:01 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-04-18 13:41 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-16 08:34 - 2012-12-22 09:24 - 00000000 ____D () C:\Users\franz
2014-04-11 08:07 - 2014-04-11 08:07 - 00041790 _____ () C:\Users\franz\Documents\flaschensuchenliste.xls
2014-04-10 18:11 - 2013-01-05 16:59 - 00002188 ____H () C:\Users\franz\Documents\Default.rdp
2014-04-03 09:51 - 2014-04-23 23:18 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-23 23:18 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-23 23:18 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 23:18 - 2014-04-21 22:10 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:18 - 2014-04-21 22:10 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-31 03:51 - 2012-12-27 12:37 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\franz\AppData\Local\Temp\avgnt.exe
C:\Users\franz\AppData\Local\Temp\BackupSetup.exe
C:\Users\franz\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\franz\AppData\Local\Temp\Delta.exe
C:\Users\franz\AppData\Local\Temp\DeltaTB.exe
C:\Users\franz\AppData\Local\Temp\MybabylonTB.exe
C:\Users\franz\AppData\Local\Temp\ose00000.exe
C:\Users\franz\AppData\Local\Temp\propsys.dll
C:\Users\franz\AppData\Local\Temp\Quarantine.exe
C:\Users\franz\AppData\Local\Temp\WSSetup.exe
C:\Users\franz\AppData\Local\Temp\_is63B6.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-24 01:12

==================== End Of Log ============================

--- --- ---

Danke

haiflosse · 26.04.2014, 22:53

Danke für die Hilfe.
Hier die Ergebnisse:

Code:

ATTFilter

3.7.9.216
www.hitmanpro.com

   Computer name . . . . : LAPTOP
   Windows . . . . . . . : 6.2.0.9200.X64/4
   User name . . . . . . : Laptop\franz
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2014-04-26 23:43:18
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 4m 16s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 9

   Objects scanned . . . : 1*635*560
   Files scanned . . . . : 30*326
   Remnants scanned  . . : 413*400 files / 1*191*834 keys

Potential Unwanted Programs _________________________________________________

   HKU\S-1-5-21-1895014420-3724956696-1138181978-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} (iLivid)

Cookies _____________________________________________________________________

   C:\Users\franz\AppData\Roaming\Microsoft\Windows\Cookies\0M58QHOO.txt
   C:\Users\franz\AppData\Roaming\Microsoft\Windows\Cookies\4QN4202W.txt
   C:\Users\franz\AppData\Roaming\Microsoft\Windows\Cookies\B32ZK8CL.txt
   C:\Users\franz\AppData\Roaming\Microsoft\Windows\Cookies\G3K8AO62.txt
   C:\Users\franz\AppData\Roaming\Microsoft\Windows\Cookies\ITTPXR5Q.txt
   C:\Users\franz\AppData\Roaming\Microsoft\Windows\Cookies\Q79ZZLDO.txt
   C:\Users\franz\AppData\Roaming\Microsoft\Windows\Cookies\QB60H03T.txt
   C:\Users\franz\AppData\Roaming\Microsoft\Windows\Cookies\QXDG9ZTO.txt

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-04-2014
Ran by franz at 2014-04-26 23:50:05
Running from C:\Users\franz\Downloads\programme
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

A1 Dashboard (HKLM-x32\...\A1 Dashboard) (Version: 1.17.0.0 - A1 Telekom Austria AG)
A1 Dashboard (x32 Version: 1.17.0.0 - A1 Telekom Austria AG) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.181.34 - Adobe Systems Incorporated)
Adobe PageMaker 7.0 (HKLM-x32\...\Adobe PageMaker 7.0) (Version: 7.0.1 - Adobe Systems, Inc.)
Ashampoo AppLauncher (Medion) v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher (Medion)_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Capture (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Content (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Draw (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Filters (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - FontNav (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics SUite X4 - ICA (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - IPM (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang DE (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - PP (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - VBA (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version:  - Corel Corporation)
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (x32 Version: 1.0 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 (HKLM-x32\...\_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version:  - Corel Corporation)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3111_44883 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3124 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.3124 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (x32 Version: 8.0.0.1920 - CyberLink Corp.) Hidden
CyberLink PowerDirector (Version: 9.0.0.3815c - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4125.02 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy 1.5 (x32 Version: 1.5.2715b - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0814 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.0814 - CyberLink Corp.) Hidden
CyberLink YouCam 5 (x32 Version: 5.0.1930 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Whiz (HKLM-x32\...\{0B540DA4-41AE-4B79-BEAB-0F07E09669AB}) (Version: 8.1 - Driver Whiz)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
HOFER Bestellsoftware 4.9.6 (HKLM-x32\...\HOFER Bestellsoftware) (Version: 4.9.6 - ORWO Net)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{99FDAE3B-6905-45A6-8F73-595363AAD3D1}) (Version: 15.05.1000.1411 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.8 - Wistron Corp.)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Medion Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Medion Home Cinema 10 (x32 Version: 10.1924 - CyberLink Corp.) Hidden
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
QuickLaunch (HKLM-x32\...\{A802F1E3-34C8-4C84-9948-C1C4E37D0FA9}) (Version: 1.00.0019 - Lenovo Group Limited)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.5 - Synaptics Incorporated)
Visual Basic for Applications (R) Core - English (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core - German (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

22-04-2014 20:53:49 avast! antivirus system restore point

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {42EEF210-471C-4C1B-92C1-0172348E7FDF} - System32\Tasks\Driver Whiz-RTMRules => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe [2013-09-19] (PC Drivers Headquarters)
Task: {4DEACA03-F6FF-46B1-B064-15E1156ACFDF} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-16] (Synaptics Incorporated)
Task: {5CBCECBC-9402-4786-945E-BFE1BCFFF328} - System32\Tasks\AutoKMSCustom => C:\Windows\AutoKMS\AutoKMS.exe [2014-04-21] ()
Task: {6BA3EA02-EFF5-4FFC-8F69-BB28F10002C1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-22] (AVAST Software)
Task: {6DF8815E-74D9-4944-A1F1-4C82E6E321D6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {7F98C161-7B61-457D-B002-E299FA2DB947} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {A1475358-C911-4493-9F29-B9094BAA92B3} - System32\Tasks\Driver Whiz-RTMScanRunOnce => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe [2013-09-19] (PC Drivers Headquarters)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B94521DC-DBE9-4214-84CF-87FADC242C0D} - System32\Tasks\Driver Whiz-RTMUpdater => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe [2013-09-19] (PC Drivers Headquarters)
Task: {BB8DFBA1-34F6-4116-9D41-960E2FD4F0DE} - System32\Tasks\Driver Whiz-RTMScan => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe [2013-09-19] (PC Drivers Headquarters)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {EF6A3C2D-1F7A-4850-A8B8-7B973017ED2A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {FFBDDB35-B666-4699-A9A7-890A2035B6FB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe

==================== Loaded Modules (whitelisted) =============

2012-08-14 08:15 - 2010-08-19 11:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2012-08-14 07:57 - 2012-08-03 18:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-19 10:00 - 2013-09-19 10:00 - 00684416 _____ () C:\Program Files (x86)\Driver Whiz\Driver Whiz\ThemePack.DriverWhiz.dll
2013-09-19 09:31 - 2013-09-19 09:31 - 00412064 _____ () C:\Program Files (x86)\Driver Whiz\Driver Whiz\Agent.Communication.XmlSerializers.dll
2014-04-24 14:18 - 2014-04-24 14:18 - 02215936 _____ () C:\Program Files\AVAST Software\Avast\defs\14042400\algo.dll
2014-04-25 01:04 - 2014-04-25 01:04 - 02215936 _____ () C:\Program Files\AVAST Software\Avast\defs\14042401\algo.dll
2014-04-24 03:05 - 2014-04-24 03:05 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b1c5b85477b09ceb4fa27fdf6e37e617\PSIClient.ni.dll
2012-08-14 08:45 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-08-14 08:13 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-04-22 22:54 - 2014-04-22 22:54 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (04/25/2014 01:04:49 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (04/25/2014 01:04:11 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.5.0.2, Zeitstempel: 0x50070789
Name des fehlerhaften Moduls: MurocApi.dll, Version: 15.5.0.1, Zeitstempel: 0x500706ce
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000026390
ID des fehlerhaften Prozesses: 0x5e0
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Vollständiger Name des fehlerhaften Pakets: ZeroConfigService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ZeroConfigService.exe5

Error: (04/24/2014 06:30:27 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (04/24/2014 02:18:20 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.5.0.2, Zeitstempel: 0x50070789
Name des fehlerhaften Moduls: MurocApi.dll, Version: 15.5.0.1, Zeitstempel: 0x500706ce
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000026390
ID des fehlerhaften Prozesses: 0xac0
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Vollständiger Name des fehlerhaften Pakets: ZeroConfigService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ZeroConfigService.exe5

Error: (04/24/2014 02:18:00 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (04/24/2014 02:17:50 PM) (Source: ESENT) (User: )
Description: taskhostex (4032) WebCacheLocal: Fehler -1032 (0xfffffbf8) beim Öffnen von Protokolldatei C:\Users\franz\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (04/24/2014 02:17:50 PM) (Source: ESENT) (User: )
Description: taskhostex (4032) WebCacheLocal: Versuch, Datei "C:\Users\franz\AppData\Local\Microsoft\Windows\WebCache\V01.log" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (04/24/2014 06:55:42 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (04/24/2014 06:55:40 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (04/24/2014 01:21:33 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.


System errors:
=============
Error: (04/25/2014 01:04:41 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (04/25/2014 01:04:15 AM) (Source: Service Control Manager) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/25/2014 01:04:05 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (04/25/2014 01:03:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (04/25/2014 01:02:48 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎24.‎04.‎2014 um 18:16:41 unerwartet heruntergefahren.

Error: (04/25/2014 01:02:32 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (04/24/2014 02:18:45 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (04/24/2014 02:18:33 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/24/2014 02:18:21 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (04/24/2014 02:16:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127


Microsoft Office Sessions:
=========================
Error: (04/25/2014 01:04:49 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\franz\Downloads\programme\esetsmartinstaller_enu.exe

Error: (04/25/2014 01:04:11 AM) (Source: Application Error)(User: )
Description: ZeroConfigService.exe15.5.0.250070789MurocApi.dll15.5.0.1500706cec000000500000000000263905e001cf6011645f5b47C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dllbedf768d-cc04-11e3-beb5-84a6c8038f35

Error: (04/24/2014 06:30:27 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\franz\Downloads\programme\esetsmartinstaller_enu.exe

Error: (04/24/2014 02:18:20 PM) (Source: Application Error)(User: )
Description: ZeroConfigService.exe15.5.0.250070789MurocApi.dll15.5.0.1500706cec00000050000000000026390ac001cf5fb72207a09aC:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dll85ade822-cbaa-11e3-beb4-84a6c8038f35

Error: (04/24/2014 02:18:00 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (04/24/2014 02:17:50 PM) (Source: ESENT)(User: )
Description: taskhostex4032WebCacheLocal: C:\Users\franz\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)

Error: (04/24/2014 02:17:50 PM) (Source: ESENT)(User: )
Description: taskhostex4032WebCacheLocal: C:\Users\franz\AppData\Local\Microsoft\Windows\WebCache\V01.log-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (04/24/2014 06:55:42 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\franz\Downloads\programme\esetsmartinstaller_enu.exe

Error: (04/24/2014 06:55:40 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\franz\Downloads\programme\esetsmartinstaller_enu.exe

Error: (04/24/2014 01:21:33 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe


==================== Memory info =========================== 

Percentage of memory in use: 39%
Total physical RAM: 3961.66 MB
Available physical RAM: 2380.45 MB
Total Pagefile: 15737.66 MB
Available Pagefile: 14176.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:450.07 GB) (Free:399.08 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:43.28 GB) NTFS
Drive e: (Volume) (Fixed) (Total:419.92 GB) (Free:418.94 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-04-2014
Ran by franz (administrator) on LAPTOP on 26-04-2014 23:49:28
Running from C:\Users\franz\Downloads\programme
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(PC Drivers Headquarters) C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-16] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258576 2012-07-30] (CyberLink Corp.)
HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [320824 2012-08-16] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [LMgrOSD] => "C:\Program Files (x86)\Launch Manager\OSDCtrl.exe"
HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [388408 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-22] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-1895014420-3724956696-1138181978-1001\...\Run: [Driver Whiz] => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe [3976560 2013-09-19] (PC Drivers Headquarters)
HKU\S-1-5-21-1895014420-3724956696-1138181978-1001\...\MountPoints2: H - "H:\Autorun.exe" 
HKU\S-1-5-21-1895014420-3724956696-1138181978-1001\...\MountPoints2: {287d56b5-f056-11e1-be85-806e6f6e6963} - "G:\SETUP.EXE" 
HKU\S-1-5-21-1895014420-3724956696-1138181978-1001\...\MountPoints2: {951271eb-5744-11e2-be90-84a6c8038f35} - "H:\Autorun.exe" 
HKU\S-1-5-21-1895014420-3724956696-1138181978-1001\...\MountPoints2: {ff2922a4-5740-11e2-be8f-84a6c8038f35} - "H:\Autorun.exe" 
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.google.at/
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 
SearchScopes: HKCU - {F527FC21-36B5-4BB5-98A8-193783FB6D51} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\MSDAIPP.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.138

FireFox:
========
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-22] (AVAST Software)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2012-08-13] (Wistron Corp.)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-04-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-22] ()
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2010-07-27] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-07] (Intel Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-16] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-26 23:41 - 2014-04-26 23:48 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-04-24 06:55 - 2014-04-24 06:55 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-23 23:39 - 2014-04-23 23:41 - 00000000 ____D () C:\AdwCleaner
2014-04-23 23:18 - 2014-04-26 23:39 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-23 23:18 - 2014-04-23 23:18 - 00001136 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-23 23:18 - 2014-04-23 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-23 23:18 - 2014-04-23 23:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-23 23:18 - 2014-04-23 23:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-23 23:18 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-23 23:18 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-23 23:18 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-22 23:05 - 2014-04-26 23:49 - 00000000 ____D () C:\FRST
2014-04-22 23:03 - 2014-04-26 23:49 - 00000000 ____D () C:\Users\franz\Downloads\programme
2014-04-22 22:55 - 2014-04-23 23:35 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-22 22:55 - 2014-04-22 22:55 - 00001980 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-22 22:55 - 2014-04-22 22:55 - 00000000 ____D () C:\Users\franz\AppData\Roaming\AVAST Software
2014-04-22 22:55 - 2014-04-22 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-22 22:54 - 2014-04-22 22:54 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-22 22:54 - 2014-04-22 22:54 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-22 22:54 - 2014-04-22 22:54 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-22 22:53 - 2014-04-22 22:53 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-22 22:47 - 2014-04-22 22:48 - 88882192 _____ (AVAST Software) C:\Users\franz\Downloads\avast_free_antivirus_setup_9_0_2018.exe
2014-04-22 00:01 - 2012-09-29 07:52 - 01070152 _____ (Microsoft Corporation) C:\Users\franz\Documents\MSCOMCTL.OCX
2014-04-22 00:01 - 1998-05-09 01:00 - 00129264 _____ (Microsoft Corporation) C:\Users\franz\Documents\IELABEL.OCX
2014-04-22 00:00 - 2005-04-15 19:58 - 01351392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COMCTL32.OCX
2014-04-21 23:53 - 2014-04-21 23:55 - 00001650 _____ () C:\Users\franz\Desktop\Aquatechnik.lnk
2014-04-21 23:46 - 2014-04-23 23:46 - 00000000 ____D () C:\Windows\AutoKMS
2014-04-21 23:46 - 2014-04-21 23:46 - 00003238 _____ () C:\Windows\System32\Tasks\AutoKMSCustom
2014-04-21 23:44 - 2014-04-21 23:44 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-04-21 23:12 - 2014-04-21 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-04-21 23:07 - 2014-04-21 23:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-21 23:06 - 2014-04-21 23:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-04-21 23:02 - 2014-04-21 23:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-21 23:02 - 2014-04-21 23:02 - 00000000 ____D () C:\Users\franz\AppData\Local\Microsoft Help
2014-04-21 23:02 - 2014-04-21 23:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-04-21 23:01 - 2014-04-21 23:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-21 23:00 - 2014-04-21 23:00 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-04-21 22:58 - 2014-04-21 22:58 - 00000000 __RHD () C:\MSOCache
2014-04-21 22:38 - 2014-04-22 22:51 - 00463032 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-21 22:34 - 2014-04-21 22:34 - 00000000 ____D () C:\Users\franz\AppData\Roaming\InstallShield
2014-04-21 22:10 - 2014-03-31 23:18 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-21 22:10 - 2014-03-31 23:18 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-18 13:39 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-18 13:39 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-18 13:39 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-04-18 13:39 - 2014-01-31 02:48 - 00564736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-18 13:39 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-04-18 13:39 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-18 13:39 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-04-18 13:39 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-18 13:39 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-18 13:39 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-18 13:39 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-18 13:39 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-18 13:39 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-18 13:39 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-18 13:39 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-18 13:39 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-18 13:38 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-18 13:38 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-18 13:38 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-18 13:38 - 2014-01-27 01:17 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-04-18 13:22 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-18 13:22 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-18 13:22 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-18 13:22 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-18 13:10 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-18 13:10 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-18 13:10 - 2014-03-07 02:47 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-18 13:10 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-18 13:10 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-18 13:10 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-18 13:10 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-18 13:10 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-18 13:10 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-18 13:10 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-11 08:07 - 2014-04-11 08:07 - 00041790 _____ () C:\Users\franz\Documents\flaschensuchenliste.xls
2014-04-05 08:47 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-05 08:47 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-05 08:46 - 2013-12-05 01:43 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-05 08:46 - 2013-12-05 01:37 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-04-05 08:45 - 2014-02-08 06:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-05 08:45 - 2013-12-09 02:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-05 08:45 - 2013-12-09 01:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-05 08:45 - 2013-10-25 09:34 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-04-05 08:45 - 2013-10-25 00:34 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-04-05 08:41 - 2013-11-26 01:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-04-05 08:41 - 2013-10-31 07:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-04-05 08:41 - 2013-10-31 07:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-04-05 08:41 - 2013-10-31 06:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-04-05 08:41 - 2013-10-31 05:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-04-05 08:41 - 2013-10-28 07:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-04-05 08:41 - 2013-10-28 06:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-04-05 08:41 - 2013-10-13 22:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-04-05 08:41 - 2013-08-27 07:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-04-05 08:41 - 2013-08-27 07:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-04-05 08:41 - 2013-08-27 00:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-04-05 08:41 - 2013-08-27 00:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-04-05 08:40 - 2013-12-05 01:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-04-05 08:40 - 2013-12-05 01:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-04-05 08:39 - 2014-01-13 01:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-05 08:39 - 2014-01-13 01:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-04-05 08:39 - 2013-11-20 02:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-05 08:39 - 2013-11-20 01:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-04-05 08:33 - 2014-02-06 01:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-05 08:33 - 2014-02-06 01:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

==================== One Month Modified Files and Folders =======

2014-04-26 23:49 - 2014-04-22 23:05 - 00000000 ____D () C:\FRST
2014-04-26 23:49 - 2014-04-22 23:03 - 00000000 ____D () C:\Users\franz\Downloads\programme
2014-04-26 23:48 - 2014-04-26 23:41 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-04-26 23:48 - 2012-12-22 09:22 - 01736947 _____ () C:\Windows\WindowsUpdate.log
2014-04-26 23:40 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-04-26 23:39 - 2014-04-23 23:18 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-26 23:39 - 2012-12-22 09:26 - 00000000 ____D () C:\Users\franz\Documents\Youcam
2014-04-25 01:07 - 2012-12-22 09:26 - 00000000 ____D () C:\Users\franz\AppData\Local\CyberLink
2014-04-25 01:04 - 2013-01-15 14:02 - 00051200 ___SH () C:\Users\franz\Desktop\Thumbs.db
2014-04-25 01:03 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-24 14:16 - 2012-08-14 14:01 - 00193450 _____ () C:\Windows\PFRO.log
2014-04-24 06:55 - 2014-04-24 06:55 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-24 01:57 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-04-23 23:46 - 2014-04-21 23:46 - 00000000 ____D () C:\Windows\AutoKMS
2014-04-23 23:41 - 2014-04-23 23:39 - 00000000 ____D () C:\AdwCleaner
2014-04-23 23:41 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-04-23 23:35 - 2014-04-22 22:55 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-23 23:33 - 2012-08-14 07:31 - 00000000 ____D () C:\Windows\PCHEALTH
2014-04-23 23:31 - 2012-12-22 09:31 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1895014420-3724956696-1138181978-1001
2014-04-23 23:18 - 2014-04-23 23:18 - 00001136 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-23 23:18 - 2014-04-23 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-23 23:18 - 2014-04-23 23:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-23 23:18 - 2014-04-23 23:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-23 23:13 - 2012-12-22 09:25 - 00000000 ___RD () C:\Users\franz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-22 22:55 - 2014-04-22 22:55 - 00001980 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-22 22:55 - 2014-04-22 22:55 - 00000000 ____D () C:\Users\franz\AppData\Roaming\AVAST Software
2014-04-22 22:55 - 2014-04-22 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-22 22:54 - 2014-04-22 22:54 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-22 22:54 - 2014-04-22 22:54 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-22 22:54 - 2014-04-22 22:54 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-22 22:54 - 2014-04-22 22:54 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-22 22:53 - 2014-04-22 22:53 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-22 22:51 - 2014-04-21 22:38 - 00463032 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-22 22:48 - 2014-04-22 22:47 - 88882192 _____ (AVAST Software) C:\Users\franz\Downloads\avast_free_antivirus_setup_9_0_2018.exe
2014-04-21 23:55 - 2014-04-21 23:53 - 00001650 _____ () C:\Users\franz\Desktop\Aquatechnik.lnk
2014-04-21 23:46 - 2014-04-21 23:46 - 00003238 _____ () C:\Windows\System32\Tasks\AutoKMSCustom
2014-04-21 23:44 - 2014-04-21 23:44 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-04-21 23:13 - 2014-04-21 23:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-21 23:12 - 2014-04-21 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-04-21 23:11 - 2012-07-26 09:52 - 00000000 ____D () C:\Windows\ShellNew
2014-04-21 23:09 - 2014-04-21 23:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-04-21 23:07 - 2014-04-21 23:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-21 23:06 - 2014-04-21 23:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-21 23:05 - 2012-07-26 07:26 - 00000167 _____ () C:\Windows\win.ini
2014-04-21 23:02 - 2014-04-21 23:02 - 00000000 ____D () C:\Users\franz\AppData\Local\Microsoft Help
2014-04-21 23:02 - 2014-04-21 23:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-04-21 23:01 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-04-21 23:00 - 2014-04-21 23:00 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-04-21 22:58 - 2014-04-21 22:58 - 00000000 __RHD () C:\MSOCache
2014-04-21 22:51 - 2012-12-22 10:26 - 00000967 _____ () C:\Windows\ODBCINST.INI
2014-04-21 22:51 - 2012-12-22 10:26 - 00000777 _____ () C:\Windows\ODBC.INI
2014-04-21 22:51 - 2012-12-22 10:26 - 00000011 _____ () C:\Windows\exchng.ini
2014-04-21 22:51 - 2012-12-22 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office97
2014-04-21 22:51 - 2012-12-22 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Nachschlagewerke
2014-04-21 22:51 - 2012-12-22 10:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office97
2014-04-21 22:51 - 2012-07-26 10:12 - 00000000 __RSD () C:\Windows\Media
2014-04-21 22:50 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\System
2014-04-21 22:50 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\Help
2014-04-21 22:45 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
2014-04-21 22:44 - 2012-08-14 05:50 - 00754172 _____ () C:\Windows\system32\perfh007.dat
2014-04-21 22:44 - 2012-08-14 05:50 - 00156362 _____ () C:\Windows\system32\perfc007.dat
2014-04-21 22:44 - 2012-07-26 09:28 - 01748838 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-21 22:34 - 2014-04-21 22:34 - 00000000 ____D () C:\Users\franz\AppData\Roaming\InstallShield
2014-04-21 22:10 - 2012-12-22 09:25 - 00000000 ___RD () C:\Users\franz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-21 22:06 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-04-21 22:06 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-04-21 22:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-21 22:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-21 22:05 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-04-21 22:05 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-04-21 21:04 - 2013-08-19 08:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-21 21:01 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-04-18 13:41 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-16 08:34 - 2012-12-22 09:24 - 00000000 ____D () C:\Users\franz
2014-04-11 08:07 - 2014-04-11 08:07 - 00041790 _____ () C:\Users\franz\Documents\flaschensuchenliste.xls
2014-04-10 18:11 - 2013-01-05 16:59 - 00002188 ____H () C:\Users\franz\Documents\Default.rdp
2014-04-03 09:51 - 2014-04-23 23:18 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-23 23:18 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-23 23:18 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 23:18 - 2014-04-21 22:10 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:18 - 2014-04-21 22:10 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-31 03:51 - 2012-12-27 12:37 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\franz\AppData\Local\Temp\avgnt.exe
C:\Users\franz\AppData\Local\Temp\BackupSetup.exe
C:\Users\franz\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\franz\AppData\Local\Temp\Delta.exe
C:\Users\franz\AppData\Local\Temp\DeltaTB.exe
C:\Users\franz\AppData\Local\Temp\MybabylonTB.exe
C:\Users\franz\AppData\Local\Temp\ose00000.exe
C:\Users\franz\AppData\Local\Temp\propsys.dll
C:\Users\franz\AppData\Local\Temp\Quarantine.exe
C:\Users\franz\AppData\Local\Temp\WSSetup.exe
C:\Users\franz\AppData\Local\Temp\_is63B6.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-24 01:12

==================== End Of Log ============================

--- --- ---

--- --- ---

Danke

deeprybka · 27.04.2014, 14:39

Hi, weiter gehts!

Schritt 1

Drücke bitte die

+ R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:

Code:

ATTFilter

IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe

Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.

Starte FRST und drücke auf den Fix-Button.
Das Tool erstellt eine "Fixlog.txt" -Datei.
Poste mir bitte deren Inhalt.

Schritt 2

Bitte lade und installiere von hier den neuesten Internetexplorer.

Bitte lade und installiere von hier den neuesten Flashplayer.
Führe das am besten mit dem IE und dem Firefox durch und verzichte auf alle optionalen Angebote.

Schritt 3

Bitte starte FRST erneut, setze den Haken auch bei Addition.txt und drücke auf Scan.

25.04.2014, 05:06	#3
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Medion connect xl Rechner prüfen Hallo, bitte das Suchlaufprotokoll von MBAM posten... __________________ __________________

Medion connect xl Rechner prüfen

Plagegeister aller Art und deren Bekämpfung: Medion connect xl Rechner prüfen