| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Adware nicht vollständig entferntWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
19.08.2014, 09:51
| #1 |
 |  Adware nicht vollständig entfernt Hallo, ich hatte mir aus Dummheit wohl über einen Converter trovi eingefangen. Den Converter hab ich mit Revo deinstalliert und danach den adw cleaner & Malwarebytes drüber laufen lassen. Alle Browser hab ich zurückgesetzt. Bei Firefox & Chrome bekam ich aber immer mal wieder einen Fund. Firefox ist nun komplett deinstalliert, Chrome hab ich neu installiert, dennoch findet sich immer wieder eine Meldung in diesem Pfad AppData\Local\Google\Chrome\User Data\Default\preferences hier ist die FRST log Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2014 04 Ran by Marc (administrator) on FUCKUP on 19-08-2014 10:21:10 Running from C:\Users\Marc\Desktop Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe () C:\Users\Marc\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Dropbox, Inc.) C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-13] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1828136 2007-08-08] (Nero AG) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2014-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2014-05-08] (Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-29] (AVAST Software) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] () HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Plugin Install] => C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe [86016 2014-06-13] () HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-08-05] (Wondershare) HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1953792 2014-05-16] () HKU\S-1-5-21-1844649791-2127263454-1514235693-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1844649791-2127263454-1514235693-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-08-21] (Nero AG) HKU\S-1-5-21-1844649791-2127263454-1514235693-1000\...\Run: [Amazon Cloud Player] => C:\Users\Marc\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] () HKU\S-1-5-21-1844649791-2127263454-1514235693-1000\...\MountPoints2: {addbf117-e7ea-11e2-8027-10bf48768eb3} - H:\LGAutoRun.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logo Calibration Loader.lnk ShortcutTarget: Logo Calibration Loader.lnk -> C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ProfileReminder.lnk ShortcutTarget: ProfileReminder.lnk -> C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG) Startup: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0C35297835B9CF01 SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: No Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> No File BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File Handler-x32: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com FF Extension: Wondershare Video Converter Ultimate - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2014-08-17] Chrome: ======= CHR HomePage: CHR Extension: (Google Docs) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-18] CHR Extension: (Google Drive) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-18] CHR Extension: (YouTube) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-18] CHR Extension: (Google-Suche) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-18] CHR Extension: (Video Downloader professional) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2014-08-18] CHR Extension: (avast! SafePrice) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-08-18] CHR Extension: (avast! Online Security) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-18] CHR Extension: (Google Wallet) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-18] CHR Extension: (Google Mail) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-18] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-16] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-16] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-16] (AVAST Software) S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2014-08-16] (IObit) R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [836904 2007-08-08] (Nero AG) R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-21] (Nero AG) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-16] () R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-16] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-16] (AVAST Software) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-07-16] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-16] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-16] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-16] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-16] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-16] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2014-01-22] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-16] () S3 EyeOneDisplay; C:\Windows\System32\Drivers\i1display_x64.sys [7808 2005-12-14] (GretagMacbeth LLC) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] () S3 SeqCal; C:\Windows\System32\DRIVERS\SeqCal.sys [7808 2005-12-21] (GretagMacbeth LLC) S2 PDIHWCTL; \??\C:\Windows\system32\drivers\pdihwctl.sys [X] S3 usbbus; system32\DRIVERS\lgx64bus.sys [X] S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X] S3 USBModem; system32\DRIVERS\lgx64modem.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] U3 pxldypoc; \??\C:\Users\Marc\AppData\Local\Temp\pxldypoc.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-19 10:14 - 2014-08-19 10:14 - 00397296 _____ () C:\Users\Marc\Desktop\Gmer.txt 2014-08-19 10:05 - 2014-08-19 10:05 - 00380416 _____ () C:\Users\Marc\Desktop\Gmer-19357.exe 2014-08-19 10:04 - 2014-08-19 10:21 - 00019180 _____ () C:\Users\Marc\Desktop\FRST.txt 2014-08-19 10:03 - 2014-08-19 10:03 - 00000470 _____ () C:\Users\Marc\Desktop\defogger_disable.log 2014-08-19 10:03 - 2014-08-19 10:03 - 00000000 _____ () C:\Users\Marc\defogger_reenable 2014-08-19 10:02 - 2014-08-19 10:02 - 00050477 _____ () C:\Users\Marc\Desktop\Defogger.exe 2014-08-18 15:37 - 2014-08-18 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-08-17 23:47 - 2014-08-17 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2014-08-17 23:47 - 2014-08-17 23:47 - 00000000 ____D () C:\Program Files (x86)\Wondershare 2014-08-17 22:53 - 2014-08-17 22:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-08-17 22:53 - 2014-08-17 22:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-08-17 22:53 - 2014-08-17 22:53 - 00000000 ____D () C:\Program Files\iTunes 2014-08-17 22:53 - 2014-08-17 22:53 - 00000000 ____D () C:\Program Files\iPod 2014-08-17 22:25 - 2014-08-19 10:21 - 00000000 ____D () C:\FRST 2014-08-17 22:24 - 2014-08-17 22:24 - 02101760 _____ (Farbar) C:\Users\Marc\Desktop\FRST64.exe 2014-08-17 21:59 - 2014-08-17 21:59 - 00000000 ____D () C:\Users\Marc\AppData\Local\Deployment 2014-08-17 21:59 - 2014-08-17 21:59 - 00000000 ____D () C:\Users\Marc\AppData\Local\Apps\2.0 2014-08-17 19:00 - 2014-08-19 10:16 - 00185948 _____ () C:\Windows\WindowsUpdate.log 2014-08-16 20:36 - 2014-08-16 20:36 - 00000000 ___HD () C:\Users\Marc\Documents\Freemake_do_not_remove_this_folder635438181631387905 2014-08-16 19:15 - 2014-08-16 19:15 - 00000000 ___HD () C:\Users\Marc\Documents\Freemake_do_not_remove_this_folder635438133112472781 2014-08-16 17:47 - 2014-08-16 17:47 - 00000000 ___HD () C:\Users\Marc\Documents\Freemake_do_not_remove_this_folder 2014-08-16 16:08 - 2014-08-16 16:08 - 00000674 _____ () C:\Users\Marc\Documents\Marc - Verknüpfung.lnk 2014-08-16 16:05 - 2014-08-16 16:05 - 00000000 ____D () C:\Users\Marc\Documents\Freemake 2014-08-16 15:16 - 2014-08-16 15:17 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\dvdcss 2014-08-16 15:06 - 2014-08-16 15:06 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\ProductData 2014-08-16 15:05 - 2014-08-16 15:07 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-08-16 15:05 - 2014-08-16 15:06 - 00000000 ____D () C:\ProgramData\IObit 2014-08-16 15:05 - 2014-08-16 15:05 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\IObit 2014-08-16 15:05 - 2014-08-16 15:05 - 00000000 ____D () C:\ProgramData\ProductData 2014-08-15 23:48 - 2014-08-15 23:48 - 01361203 _____ () C:\Users\Marc\Desktop\adwcleaner_3.306.exe 2014-08-15 20:32 - 2014-08-17 14:03 - 00000000 ____D () C:\ProgramData\Freemake 2014-08-15 20:00 - 2014-08-17 23:47 - 00000000 ____D () C:\ProgramData\Wondershare 2014-08-15 13:20 - 2014-08-18 15:45 - 00000000 ____D () C:\ProgramData\Wondershare Video Converter Ultimate 2014-08-15 13:20 - 2014-08-15 13:27 - 00000000 ____D () C:\Users\Marc\Documents\Wondershare Video Converter Ultimate 2014-08-15 13:20 - 2014-08-15 13:22 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A} 2014-08-15 13:20 - 2014-08-15 13:20 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\Wondershare Video Converter Ultimate 2014-08-15 13:20 - 2014-08-15 13:20 - 00000000 ____D () C:\Users\Marc\AppData\Local\Wondershare 2014-08-12 23:57 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-12 23:57 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-12 23:57 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-12 23:57 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-12 23:57 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-12 23:57 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-12 23:57 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-12 23:57 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-08-12 23:21 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-12 23:21 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-12 23:21 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-12 23:21 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-12 23:21 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-12 23:21 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-12 23:21 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-12 23:21 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-12 23:21 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-12 23:21 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-12 23:21 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-12 23:21 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-12 23:21 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-12 23:21 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-12 23:21 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-12 23:21 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-12 23:21 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-12 23:21 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-12 23:21 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-12 23:21 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-12 23:21 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-12 23:21 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-12 23:21 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-12 23:21 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-12 23:21 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-12 23:21 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-12 23:21 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-12 23:21 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-12 23:21 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-12 23:21 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-12 23:21 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-12 23:21 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-12 23:21 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-12 23:21 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-12 23:21 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-12 23:21 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-12 23:21 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-12 23:21 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-12 23:21 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-12 23:21 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-12 23:21 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-12 23:21 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-12 23:21 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-12 23:21 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-12 23:21 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-12 23:21 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-12 23:21 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-12 23:21 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-12 23:21 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-12 23:21 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-12 23:21 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-12 23:21 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-12 23:21 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-12 23:21 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-12 23:21 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-12 23:21 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-12 23:20 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-12 23:20 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-12 23:20 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-12 23:20 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-12 23:20 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-12 23:20 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-08-12 23:20 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-12 23:20 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-12 23:20 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-12 23:20 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-08-12 23:20 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-08-12 23:20 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-08-12 23:20 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-08-12 23:20 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-08-12 23:20 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-08-12 23:20 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-08-12 23:20 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-08-12 23:20 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-08-12 23:20 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-08-12 23:20 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-08-12 23:20 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-08-12 23:20 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-08-12 23:20 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-08-12 23:20 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-12 23:20 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-12 23:20 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-12 23:20 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-12 23:20 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-12 23:20 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-12 23:20 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-12 23:20 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-01 20:03 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-01 20:03 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-08-01 20:03 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-08-01 20:03 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-01 20:03 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-01 20:03 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-01 20:03 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-08-01 20:03 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-01 20:03 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-08-01 20:03 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-08-01 20:03 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-08-01 20:03 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-08-01 20:03 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-08-01 20:03 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-07-22 18:07 - 2014-07-22 18:07 - 00001097 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-19 10:21 - 2014-08-19 10:04 - 00019180 _____ () C:\Users\Marc\Desktop\FRST.txt 2014-08-19 10:21 - 2014-08-17 22:25 - 00000000 ____D () C:\FRST 2014-08-19 10:17 - 2014-06-04 21:32 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-19 10:16 - 2014-08-17 19:00 - 00185948 _____ () C:\Windows\WindowsUpdate.log 2014-08-19 10:14 - 2014-08-19 10:14 - 00397296 _____ () C:\Users\Marc\Desktop\Gmer.txt 2014-08-19 10:10 - 2012-11-24 08:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-19 10:05 - 2014-08-19 10:05 - 00380416 _____ () C:\Users\Marc\Desktop\Gmer-19357.exe 2014-08-19 10:03 - 2014-08-19 10:03 - 00000470 _____ () C:\Users\Marc\Desktop\defogger_disable.log 2014-08-19 10:03 - 2014-08-19 10:03 - 00000000 _____ () C:\Users\Marc\defogger_reenable 2014-08-19 10:03 - 2012-10-30 22:13 - 00000000 ____D () C:\Users\Marc 2014-08-19 10:02 - 2014-08-19 10:02 - 00050477 _____ () C:\Users\Marc\Desktop\Defogger.exe 2014-08-19 09:53 - 2012-11-01 09:56 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-19 09:11 - 2012-11-01 10:36 - 00000000 ____D () C:\Users\Marc\AppData\Local\Adobe 2014-08-19 09:08 - 2009-07-14 06:45 - 00030544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-19 09:08 - 2009-07-14 06:45 - 00030544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-19 09:05 - 2013-06-19 20:26 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{04E08063-6166-4D6E-8D24-52613E27F3CD} 2014-08-19 09:05 - 2012-10-31 07:07 - 00699432 _____ () C:\Windows\system32\perfh007.dat 2014-08-19 09:05 - 2012-10-31 07:07 - 00149572 _____ () C:\Windows\system32\perfc007.dat 2014-08-19 09:05 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-19 09:01 - 2014-07-16 22:42 - 00000000 ___RD () C:\Users\Marc\Dropbox 2014-08-19 09:01 - 2014-07-16 22:41 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\Dropbox 2014-08-19 09:01 - 2012-11-24 08:04 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-19 09:01 - 2012-10-30 22:25 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-08-19 09:01 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-18 22:18 - 2009-07-14 06:45 - 05054240 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-18 22:17 - 2014-06-04 21:43 - 00000000 ____D () C:\AdwCleaner 2014-08-18 19:51 - 2014-06-04 21:47 - 01016261 _____ (Thisisu) C:\Users\Marc\Desktop\JRT.exe 2014-08-18 15:45 - 2014-08-15 13:20 - 00000000 ____D () C:\ProgramData\Wondershare Video Converter Ultimate 2014-08-18 15:37 - 2014-08-18 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-08-18 15:37 - 2012-10-30 22:28 - 00000000 ____D () C:\Users\Marc\AppData\Local\Google 2014-08-18 15:36 - 2012-10-30 22:28 - 00000000 ____D () C:\Program Files (x86)\Google 2014-08-18 15:04 - 2012-10-30 22:13 - 00000000 ____D () C:\Users\Marc\AppData\Local\VirtualStore 2014-08-18 10:40 - 2014-06-11 17:54 - 00000939 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-08-17 23:47 - 2014-08-17 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2014-08-17 23:47 - 2014-08-17 23:47 - 00000000 ____D () C:\Program Files (x86)\Wondershare 2014-08-17 23:47 - 2014-08-15 20:00 - 00000000 ____D () C:\ProgramData\Wondershare 2014-08-17 22:55 - 2013-09-22 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX 2014-08-17 22:55 - 2012-11-01 09:58 - 00000000 ____D () C:\Program Files\DivX 2014-08-17 22:55 - 2012-11-01 09:57 - 00000000 ____D () C:\ProgramData\DivX 2014-08-17 22:55 - 2012-11-01 09:57 - 00000000 ____D () C:\Program Files (x86)\DivX 2014-08-17 22:53 - 2014-08-17 22:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-08-17 22:53 - 2014-08-17 22:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-08-17 22:53 - 2014-08-17 22:53 - 00000000 ____D () C:\Program Files\iTunes 2014-08-17 22:53 - 2014-08-17 22:53 - 00000000 ____D () C:\Program Files\iPod 2014-08-17 22:53 - 2013-05-04 09:50 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-08-17 22:34 - 2014-06-11 17:54 - 00000000 ____D () C:\Program Files\CCleaner 2014-08-17 22:24 - 2014-08-17 22:24 - 02101760 _____ (Farbar) C:\Users\Marc\Desktop\FRST64.exe 2014-08-17 21:59 - 2014-08-17 21:59 - 00000000 ____D () C:\Users\Marc\AppData\Local\Deployment 2014-08-17 21:59 - 2014-08-17 21:59 - 00000000 ____D () C:\Users\Marc\AppData\Local\Apps\2.0 2014-08-17 19:20 - 2012-11-01 10:03 - 00000000 ____D () C:\Users\Marc\AppData\Local\Last.fm 2014-08-17 19:08 - 2013-08-03 20:51 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-08-17 14:03 - 2014-08-15 20:32 - 00000000 ____D () C:\ProgramData\Freemake 2014-08-16 20:36 - 2014-08-16 20:36 - 00000000 ___HD () C:\Users\Marc\Documents\Freemake_do_not_remove_this_folder635438181631387905 2014-08-16 19:15 - 2014-08-16 19:15 - 00000000 ___HD () C:\Users\Marc\Documents\Freemake_do_not_remove_this_folder635438133112472781 2014-08-16 17:47 - 2014-08-16 17:47 - 00000000 ___HD () C:\Users\Marc\Documents\Freemake_do_not_remove_this_folder 2014-08-16 16:08 - 2014-08-16 16:08 - 00000674 _____ () C:\Users\Marc\Documents\Marc - Verknüpfung.lnk 2014-08-16 16:05 - 2014-08-16 16:05 - 00000000 ____D () C:\Users\Marc\Documents\Freemake 2014-08-16 15:17 - 2014-08-16 15:16 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\dvdcss 2014-08-16 15:07 - 2014-08-16 15:05 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-08-16 15:06 - 2014-08-16 15:06 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\ProductData 2014-08-16 15:06 - 2014-08-16 15:05 - 00000000 ____D () C:\ProgramData\IObit 2014-08-16 15:05 - 2014-08-16 15:05 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\IObit 2014-08-16 15:05 - 2014-08-16 15:05 - 00000000 ____D () C:\ProgramData\ProductData 2014-08-16 11:24 - 2012-11-01 09:56 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-16 11:24 - 2012-11-01 09:56 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-16 11:24 - 2012-11-01 09:56 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-08-16 10:51 - 2012-11-01 10:38 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2014-08-15 23:59 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Offline Web Pages 2014-08-15 23:48 - 2014-08-15 23:48 - 01361203 _____ () C:\Users\Marc\Desktop\adwcleaner_3.306.exe 2014-08-15 20:33 - 2014-05-21 20:05 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2014-08-15 20:07 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Performance 2014-08-15 19:53 - 2014-06-04 15:45 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\DVDVideoSoft 2014-08-15 15:02 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-08-15 13:27 - 2014-08-15 13:20 - 00000000 ____D () C:\Users\Marc\Documents\Wondershare Video Converter Ultimate 2014-08-15 13:22 - 2014-08-15 13:20 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A} 2014-08-15 13:20 - 2014-08-15 13:20 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\Wondershare Video Converter Ultimate 2014-08-15 13:20 - 2014-08-15 13:20 - 00000000 ____D () C:\Users\Marc\AppData\Local\Wondershare 2014-08-15 13:06 - 2012-11-01 13:14 - 00000000 ____D () C:\ProgramData\Origin 2014-08-15 13:06 - 2012-11-01 13:14 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-08-14 23:45 - 2013-09-26 18:46 - 00000000 ____D () C:\Users\Marc\Documents\FIFA 14 2014-08-14 10:25 - 2014-07-16 22:41 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-08-13 18:03 - 2012-10-30 22:28 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-08-13 16:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-08-13 15:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-13 00:05 - 2012-11-25 21:38 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-13 00:01 - 2013-07-12 13:26 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-13 00:00 - 2012-11-03 13:36 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-12 23:57 - 2014-05-06 22:43 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-12 21:52 - 2014-07-08 19:25 - 01327820 _____ () C:\Users\Marc\AppData\Roaming\PS13_panel.log 2014-08-11 22:39 - 2013-09-26 18:12 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-08-10 15:24 - 2012-11-25 21:38 - 00000000 ____D () C:\Users\Marc\AppData\Local\Microsoft Help 2014-08-09 23:46 - 2013-09-22 12:04 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-07 04:06 - 2014-08-12 23:20 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-07 04:01 - 2014-08-12 23:20 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-08-01 01:41 - 2014-08-12 23:21 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-01 01:16 - 2014-08-12 23:21 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-25 16:52 - 2014-08-12 23:21 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-25 16:02 - 2014-08-12 23:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-25 16:01 - 2014-08-12 23:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-25 15:51 - 2014-08-12 23:21 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-25 15:30 - 2014-08-12 23:21 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-25 15:28 - 2014-08-12 23:21 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-25 15:28 - 2014-08-12 23:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-25 15:25 - 2014-08-12 23:21 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-25 15:25 - 2014-08-12 23:21 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-25 15:11 - 2014-08-12 23:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-25 15:10 - 2014-08-12 23:21 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-25 15:04 - 2014-08-12 23:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-25 15:03 - 2014-08-12 23:21 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-25 15:00 - 2014-08-12 23:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-25 15:00 - 2014-08-12 23:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-25 14:59 - 2014-08-12 23:21 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-25 14:47 - 2014-08-12 23:21 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-25 14:40 - 2014-08-12 23:21 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-25 14:34 - 2014-08-12 23:21 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-25 14:34 - 2014-08-12 23:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-25 14:33 - 2014-08-12 23:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-25 14:30 - 2014-08-12 23:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-25 14:28 - 2014-08-12 23:21 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-25 14:28 - 2014-08-12 23:21 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-25 14:21 - 2014-08-12 23:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-25 14:19 - 2014-08-12 23:21 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-25 14:18 - 2014-08-12 23:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-25 14:17 - 2014-08-12 23:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-25 14:17 - 2014-08-12 23:21 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-25 14:12 - 2014-08-12 23:21 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-25 14:10 - 2014-08-12 23:21 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-25 14:10 - 2014-08-12 23:21 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-25 14:08 - 2014-08-12 23:21 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-25 14:06 - 2014-08-12 23:21 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-25 13:52 - 2014-08-12 23:21 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-25 13:47 - 2014-08-12 23:21 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-25 13:43 - 2014-08-12 23:21 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-25 13:42 - 2014-08-12 23:21 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-25 13:39 - 2014-08-12 23:21 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-25 13:39 - 2014-08-12 23:21 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-25 13:36 - 2014-08-12 23:21 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-25 13:34 - 2014-08-12 23:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-25 13:29 - 2014-08-12 23:21 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-25 13:23 - 2014-08-12 23:21 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-25 13:13 - 2014-08-12 23:21 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-25 13:07 - 2014-08-12 23:21 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-25 13:07 - 2014-08-12 23:21 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-25 13:03 - 2014-08-12 23:21 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-25 12:52 - 2014-08-12 23:21 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-25 12:26 - 2014-08-12 23:21 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-25 12:17 - 2014-08-12 23:21 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-25 12:09 - 2014-08-12 23:21 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-25 12:05 - 2014-08-12 23:21 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-25 12:00 - 2014-08-12 23:21 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-22 18:07 - 2014-07-22 18:07 - 00001097 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk 2014-07-22 18:07 - 2012-11-01 09:50 - 00000000 ____D () C:\Program Files (x86)\Adobe Some content of TEMP: ==================== C:\Users\Marc\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptjni1a.dll C:\Users\Marc\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-17 01:16 ==================== End Of Log ============================ hier die Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-08-2014 04
Ran by Marc at 2014-08-19 10:21:33
Running from C:\Users\Marc\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.11 - Adobe Systems)
Adobe After Effects CS4 (HKLM-x32\...\Adobe_3dcb365ab9e01871fb8c6f27b0ea079) (Version: 9 - Adobe Systems Incorporated)
Adobe After Effects CS4 (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Presets (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Third Party Content (HKLM-x32\...\Adobe_5aab5a491a3a52ae624fd639f6aaa95) (Version: 9 - Adobe Systems Incorporated)
Adobe After Effects CS4 Third Party Content (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles AE CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Exporter (HKLM-x32\...\Adobe_5eba9bbdf1514a06b1a4c79a2920188) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Media Encoder CS4 Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Importer (HKLM-x32\...\Adobe_7774cb1e022c49962995a9014500066) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Media Encoder CS4 Importer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 4.4 64-bit (HKLM\...\{11A955CD-4398-405A-886D-E464C3618FBF}) (Version: 4.4.1 - Adobe)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Adobe® Content Viewer (x32 Version: 3.4.3 - Adobe Systems, Incorporated) Hidden
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)
Any Video Converter 5.5.9 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.8.0 - Asmedia Technology)
avast! Premier (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CINEMA 4D 13.061 (HKLM\...\MAXONFB05E576) (Version: 13.061 - MAXON Computer GmbH)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
Eye-One Match 3.6.2 (HKLM-x32\...\Eye-One Match_is1) (Version: 3.6.2 - GretagMacbeth)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
i1_driver_installer_utility_i1Match version 1.0 (HKLM-x32\...\i1_driver_installer_utility_i1Match_is1) (Version: - X-Rite)
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle)
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 (HKLM-x32\...\{2B8F4D70-F9CA-4E94-B2A5-49AAD4CE1031}) (Version: 8.0.228 - Nero AG)
NVIDIA 3D Vision Controller-Treiber 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.90 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.0.15.65 - Electronic Arts, Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtua Tennis 4 (x32 Version: 1.0.0001.130 - Sega) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Wondershare Video Converter Ultimate(Build 7.3.0.3) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 7.3.0.3 - Wondershare Software)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1844649791-2127263454-1514235693-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1844649791-2127263454-1514235693-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1844649791-2127263454-1514235693-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1844649791-2127263454-1514235693-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1844649791-2127263454-1514235693-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1844649791-2127263454-1514235693-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1844649791-2127263454-1514235693-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1844649791-2127263454-1514235693-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1844649791-2127263454-1514235693-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1844649791-2127263454-1514235693-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
17-08-2014 12:02:12 Revo Uninstaller's restore point - ESET Online Scanner v3
17-08-2014 12:03:19 Revo Uninstaller's restore point - Freemake Video Converter Version 2.3.2
17-08-2014 12:07:08 Removed Free SystemUtilities
17-08-2014 12:31:08 Revo Uninstaller's restore point - Google Chrome
17-08-2014 17:00:12 Windows-Sicherung
17-08-2014 17:04:47 Revo Uninstaller's restore point - Mozilla Firefox 31.0 (x86 de)
17-08-2014 17:06:13 Revo Uninstaller's restore point - Mozilla Firefox 31.0 (x86 de)
17-08-2014 17:07:41 Revo Uninstaller's restore point - Anno 1701
17-08-2014 17:08:33 Entfernt Anno 1701
17-08-2014 20:51:10 Installed iTunes
18-08-2014 13:34:45 Revo Uninstaller's restore point - Google Chrome
18-08-2014 13:47:20 Revo Uninstaller's restore point - Java 7 Update 67
18-08-2014 13:47:34 Removed Java 7 Update 67
19-08-2014 07:06:19 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2013-03-16 11:27 - 00001771 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na2m-pr.licenses.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 ereg.wip4.adobe.com
127.0.0.1 wip.adobe.com
127.0.0.1 wip1.adobe.com
127.0.0.1 wip2.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wip4.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
There are 1 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {2021E421-01E2-417F-885D-E33E13A00A50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-24] (Google Inc.)
Task: {41E69479-9434-496D-ACAF-71FD8A3949C8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-16] (Adobe Systems Incorporated)
Task: {5B0F1480-AC52-4D83-9C51-F3A934E72C6E} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1844649791-2127263454-1514235693-1000
Task: {6E02BFBE-0C7E-4BD3-8C11-66195CD4C4BF} - System32\Tasks\AdobeAAMUpdater-1.0-FUCKUP-Marc => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {81DA0A6B-96C4-4719-95E2-CDE15D9ACDD3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-24] (Google Inc.)
Task: {8DF50A0B-B3A3-4055-9288-420B74E4931F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {9C8218FF-406E-4987-BF73-606420881396} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {C108C9F0-4110-4D78-A969-7967B6FCF465} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-16] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-10-30 22:25 - 2013-01-18 17:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-17 18:35 - 2014-03-07 22:39 - 03168576 _____ () C:\Users\Marc\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-07-16 18:27 - 2014-07-16 18:27 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-18 10:07 - 2014-08-18 10:07 - 02797568 _____ () C:\Program Files\AVAST Software\Avast\defs\14081800\algo.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-19 09:01 - 2014-08-19 09:01 - 00043008 _____ () c:\users\marc\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptjni1a.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Marc\AppData\Roaming\Dropbox\bin\libcef.dll
2014-05-08 13:22 - 2014-05-08 13:22 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\acrotray.deu
2014-07-16 18:27 - 2014-07-16 18:27 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-08-15 13:20 - 2014-08-05 10:22 - 01489408 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-08-15 13:20 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2007-03-13 12:28 - 2007-03-13 12:28 - 00823296 _____ () C:\Program Files (x86)\Common Files\Nero\Lib\log4cxx.dll
2014-08-18 15:37 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-18 15:37 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-18 15:37 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-18 15:37 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-18 15:37 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Marc\Cookies:4BdLnmJLqaHH1B0elOE
AlternateDataStreams: C:\Users\Marc\AppData\Local\Temp:0bFE1FBWNUSx5eUYWFVIy8qopQw
AlternateDataStreams: C:\Users\Marc\AppData\Local\Temporary Internet Files:NJz7p8TJpo5Vxodbf7rTJE
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
Name: J:\
Description: SDXC/MMC
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
Name: K:\
Description: MS/MS-Pro/HG
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
Name: I:\
Description: SM/xD-Picture
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/19/2014 09:31:59 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/19/2014 09:31:59 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/19/2014 09:31:10 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (08/19/2014 09:31:10 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (08/19/2014 09:31:09 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/19/2014 09:01:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/18/2014 10:18:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/18/2014 08:00:32 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/18/2014 08:00:28 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
System errors:
=============
Error: (08/19/2014 09:06:33 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Error: (08/19/2014 09:06:32 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Error: (08/19/2014 09:03:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (08/19/2014 09:03:32 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (08/19/2014 09:02:11 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%2
Error: (08/19/2014 09:01:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PDIHWCTL" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (08/18/2014 10:20:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (08/18/2014 10:20:23 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (08/18/2014 10:19:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%2
Error: (08/18/2014 10:18:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PDIHWCTL" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (10/29/2013 08:07:24 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 9 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-05-24 19:40:04.193
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-05-24 19:40:04.113
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-05-24 19:40:03.942
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-05-24 19:40:03.861
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-05-24 19:37:54.102
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-05-24 19:37:54.024
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-05-24 19:37:53.930
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-05-24 19:37:53.852
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-05-24 19:37:37.098
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-05-24 19:37:36.973
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: AMD FX(tm)-4170 Quad-Core Processor
Percentage of memory in use: 17%
Total physical RAM: 16366.12 MB
Available physical RAM: 13516.58 MB
Total Pagefile: 32730.41 MB
Available Pagefile: 29897.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:238.47 GB) (Free:126.58 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Sicherung_Musik) (Fixed) (Total:298.09 GB) (Free:174.62 GB) NTFS
Drive e: (Daten) (Fixed) (Total:931.51 GB) (Free:709.85 GB) NTFS
Drive h: (1403) (Fixed) (Total:465.76 GB) (Free:214.58 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 451E25DC)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: BEE816C4)
Partition 1: (Active) - (Size=238.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2076F29B)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (Size: 465.8 GB) (Disk ID: 0078DF55)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
19.08.2014, 10:15
| #2 |
| /// the machine /// TB-Ausbilder    | Adware nicht vollständig entfernt Hi,
__________________verbindest Du Chrome mit einem Google Konto?
__________________ |
|
19.08.2014, 10:55
| #3 |
| | Adware nicht vollständig entfernt ja.
__________________ |
|
20.08.2014, 07:58
| #4 |
| /// the machine /// TB-Ausbilder | Adware nicht vollständig entfernt Ok, verbinde mit Google Konto. Dann in die Einstellungen von Chrome gehen, erweitert, und von Hand alles rauslöschen was nicht hin gehört an Erweiterungen und Co. Die Malware wurde in das Google Konto eingetragen, und das Konto synct es immer wiede rin den Browser.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
20.08.2014, 12:22
| #5 |
| | Adware nicht vollständig entfernt also was wirklich Verdächtiges hab ich nicht gefunden. |
|
21.08.2014, 08:02
| #6 |
| /// the machine /// TB-Ausbilder | Adware nicht vollständig entfernt Welches Tool findet was in Chrome?
__________________ --> Adware nicht vollständig entfernt |
|
21.08.2014, 08:30
| #7 |
| | Adware nicht vollständig entfernt ich hab diese Warnung für Chrome bei FRST FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2014 04 Ran by Marc (administrator) on FUCKUP on 21-08-2014 09:26:57 Running from C:\Users\Marc\Desktop Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe () C:\Users\Marc\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Dropbox, Inc.) C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-13] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1828136 2007-08-08] (Nero AG) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2014-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2014-05-08] (Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-29] (AVAST Software) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] () HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Plugin Install] => C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe [86016 2014-06-13] () HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-08-05] (Wondershare) HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1953792 2014-05-16] () HKU\S-1-5-21-1844649791-2127263454-1514235693-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1844649791-2127263454-1514235693-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-08-21] (Nero AG) HKU\S-1-5-21-1844649791-2127263454-1514235693-1000\...\Run: [Amazon Cloud Player] => C:\Users\Marc\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] () HKU\S-1-5-21-1844649791-2127263454-1514235693-1000\...\MountPoints2: {addbf117-e7ea-11e2-8027-10bf48768eb3} - H:\LGAutoRun.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logo Calibration Loader.lnk ShortcutTarget: Logo Calibration Loader.lnk -> C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ProfileReminder.lnk ShortcutTarget: ProfileReminder.lnk -> C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG) Startup: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0C35297835B9CF01 SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: No Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> No File BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File Handler-x32: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com FF Extension: Wondershare Video Converter Ultimate - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2014-08-17] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-16] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-16] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-16] (AVAST Software) S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2014-08-16] (IObit) R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [836904 2007-08-08] (Nero AG) R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-21] (Nero AG) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-16] () R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-16] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-16] (AVAST Software) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-07-16] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-16] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-16] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-16] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-16] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-16] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2014-01-22] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-16] () S3 EyeOneDisplay; C:\Windows\System32\Drivers\i1display_x64.sys [7808 2005-12-14] (GretagMacbeth LLC) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] () S3 SeqCal; C:\Windows\System32\DRIVERS\SeqCal.sys [7808 2005-12-21] (GretagMacbeth LLC) S2 PDIHWCTL; \??\C:\Windows\system32\drivers\pdihwctl.sys [X] S3 usbbus; system32\DRIVERS\lgx64bus.sys [X] S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X] S3 USBModem; system32\DRIVERS\lgx64modem.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-21 09:26 - 2014-08-21 09:26 - 00017348 _____ () C:\Users\Marc\Desktop\FRST.txt 2014-08-21 09:16 - 2014-08-21 09:18 - 00011323 _____ () C:\Windows\WindowsUpdate.log 2014-08-21 09:11 - 2014-08-21 09:11 - 01364531 _____ () C:\Users\Marc\Desktop\adwcleaner_3.308.exe 2014-08-19 10:28 - 2014-08-19 10:32 - 00000000 ____D () C:\Windows\Minidump 2014-08-19 10:05 - 2014-08-19 10:05 - 00380416 _____ () C:\Users\Marc\Desktop\Gmer-19357.exe 2014-08-19 10:03 - 2014-08-19 10:03 - 00000000 _____ () C:\Users\Marc\defogger_reenable 2014-08-19 10:02 - 2014-08-19 10:02 - 00050477 _____ () C:\Users\Marc\Desktop\Defogger.exe 2014-08-18 15:37 - 2014-08-18 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-08-17 23:47 - 2014-08-17 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2014-08-17 23:47 - 2014-08-17 23:47 - 00000000 ____D () C:\Program Files (x86)\Wondershare 2014-08-17 22:53 - 2014-08-17 22:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-08-17 22:53 - 2014-08-17 22:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-08-17 22:53 - 2014-08-17 22:53 - 00000000 ____D () C:\Program Files\iTunes 2014-08-17 22:53 - 2014-08-17 22:53 - 00000000 ____D () C:\Program Files\iPod 2014-08-17 22:25 - 2014-08-21 09:26 - 00000000 ____D () C:\FRST 2014-08-17 22:24 - 2014-08-17 22:24 - 02101760 _____ (Farbar) C:\Users\Marc\Desktop\FRST64.exe 2014-08-17 21:59 - 2014-08-17 21:59 - 00000000 ____D () C:\Users\Marc\AppData\Local\Deployment 2014-08-17 21:59 - 2014-08-17 21:59 - 00000000 ____D () C:\Users\Marc\AppData\Local\Apps\2.0 2014-08-16 20:36 - 2014-08-16 20:36 - 00000000 ___HD () C:\Users\Marc\Documents\Freemake_do_not_remove_this_folder635438181631387905 2014-08-16 19:15 - 2014-08-16 19:15 - 00000000 ___HD () C:\Users\Marc\Documents\Freemake_do_not_remove_this_folder635438133112472781 2014-08-16 17:47 - 2014-08-16 17:47 - 00000000 ___HD () C:\Users\Marc\Documents\Freemake_do_not_remove_this_folder 2014-08-16 16:08 - 2014-08-16 16:08 - 00000674 _____ () C:\Users\Marc\Documents\Marc - Verknüpfung.lnk 2014-08-16 16:05 - 2014-08-16 16:05 - 00000000 ____D () C:\Users\Marc\Documents\Freemake 2014-08-16 15:16 - 2014-08-16 15:17 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\dvdcss 2014-08-16 15:06 - 2014-08-16 15:06 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\ProductData 2014-08-16 15:05 - 2014-08-16 15:07 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-08-16 15:05 - 2014-08-16 15:06 - 00000000 ____D () C:\ProgramData\IObit 2014-08-16 15:05 - 2014-08-16 15:05 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\IObit 2014-08-16 15:05 - 2014-08-16 15:05 - 00000000 ____D () C:\ProgramData\ProductData 2014-08-15 20:32 - 2014-08-17 14:03 - 00000000 ____D () C:\ProgramData\Freemake 2014-08-15 20:00 - 2014-08-17 23:47 - 00000000 ____D () C:\ProgramData\Wondershare 2014-08-15 13:20 - 2014-08-20 18:10 - 00000000 ____D () C:\ProgramData\Wondershare Video Converter Ultimate 2014-08-15 13:20 - 2014-08-15 13:27 - 00000000 ____D () C:\Users\Marc\Documents\Wondershare Video Converter Ultimate 2014-08-15 13:20 - 2014-08-15 13:22 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A} 2014-08-15 13:20 - 2014-08-15 13:20 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\Wondershare Video Converter Ultimate 2014-08-15 13:20 - 2014-08-15 13:20 - 00000000 ____D () C:\Users\Marc\AppData\Local\Wondershare 2014-08-12 23:57 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-12 23:57 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-12 23:57 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-12 23:57 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-12 23:57 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-12 23:57 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-12 23:57 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-12 23:57 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-08-12 23:21 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-12 23:21 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-12 23:21 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-12 23:21 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-12 23:21 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-12 23:21 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-12 23:21 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-12 23:21 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-12 23:21 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-12 23:21 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-12 23:21 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-12 23:21 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-12 23:21 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-12 23:21 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-12 23:21 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-12 23:21 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-12 23:21 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-12 23:21 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-12 23:21 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-12 23:21 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-12 23:21 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-12 23:21 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-12 23:21 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-12 23:21 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-12 23:21 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-12 23:21 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-12 23:21 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-12 23:21 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-12 23:21 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-12 23:21 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-12 23:21 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-12 23:21 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-12 23:21 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-12 23:21 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-12 23:21 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-12 23:21 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-12 23:21 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-12 23:21 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-12 23:21 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-12 23:21 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-12 23:21 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-12 23:21 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-12 23:21 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-12 23:21 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-12 23:21 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-12 23:21 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-12 23:21 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-12 23:21 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-12 23:21 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-12 23:21 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-12 23:21 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-12 23:21 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-12 23:21 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-12 23:21 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-12 23:21 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-12 23:21 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-12 23:20 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-12 23:20 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-12 23:20 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-12 23:20 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-12 23:20 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-12 23:20 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-08-12 23:20 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-12 23:20 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-12 23:20 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-12 23:20 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-08-12 23:20 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-08-12 23:20 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-08-12 23:20 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-08-12 23:20 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-08-12 23:20 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-08-12 23:20 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-08-12 23:20 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-08-12 23:20 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-08-12 23:20 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-08-12 23:20 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-08-12 23:20 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-08-12 23:20 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-08-12 23:20 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-08-12 23:20 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-12 23:20 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-12 23:20 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-12 23:20 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-12 23:20 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-12 23:20 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-12 23:20 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-12 23:20 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-01 20:03 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-01 20:03 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-08-01 20:03 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-08-01 20:03 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-01 20:03 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-01 20:03 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-01 20:03 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-08-01 20:03 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-01 20:03 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-08-01 20:03 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-08-01 20:03 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-08-01 20:03 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-08-01 20:03 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-08-01 20:03 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-07-22 18:07 - 2014-07-22 18:07 - 00001097 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-21 09:27 - 2014-08-21 09:26 - 00017348 _____ () C:\Users\Marc\Desktop\FRST.txt 2014-08-21 09:26 - 2014-08-17 22:25 - 00000000 ____D () C:\FRST 2014-08-21 09:21 - 2009-07-14 06:45 - 00030544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-21 09:21 - 2009-07-14 06:45 - 00030544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-21 09:18 - 2014-08-21 09:16 - 00011323 _____ () C:\Windows\WindowsUpdate.log 2014-08-21 09:18 - 2012-10-31 07:07 - 00699432 _____ () C:\Windows\system32\perfh007.dat 2014-08-21 09:18 - 2012-10-31 07:07 - 00149572 _____ () C:\Windows\system32\perfc007.dat 2014-08-21 09:18 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-21 09:15 - 2014-06-04 21:32 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-21 09:14 - 2014-07-16 22:42 - 00000000 ___RD () C:\Users\Marc\Dropbox 2014-08-21 09:14 - 2014-07-16 22:41 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\Dropbox 2014-08-21 09:14 - 2012-11-24 08:04 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-21 09:14 - 2012-10-30 22:25 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-08-21 09:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-21 09:14 - 2009-07-14 06:45 - 05054240 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-21 09:13 - 2014-06-04 21:43 - 00000000 ____D () C:\AdwCleaner 2014-08-21 09:11 - 2014-08-21 09:11 - 01364531 _____ () C:\Users\Marc\Desktop\adwcleaner_3.308.exe 2014-08-21 09:10 - 2012-11-24 08:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-21 08:54 - 2012-11-01 10:36 - 00000000 ____D () C:\Users\Marc\AppData\Local\Adobe 2014-08-21 08:53 - 2012-11-01 09:56 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-20 21:15 - 2012-11-01 13:14 - 00000000 ____D () C:\ProgramData\Origin 2014-08-20 20:10 - 2013-09-26 18:46 - 00000000 ____D () C:\Users\Marc\Documents\FIFA 14 2014-08-20 18:29 - 2012-11-01 13:14 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-08-20 18:10 - 2014-08-15 13:20 - 00000000 ____D () C:\ProgramData\Wondershare Video Converter Ultimate 2014-08-20 12:05 - 2013-06-19 20:26 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{04E08063-6166-4D6E-8D24-52613E27F3CD} 2014-08-19 10:32 - 2014-08-19 10:28 - 00000000 ____D () C:\Windows\Minidump 2014-08-19 10:05 - 2014-08-19 10:05 - 00380416 _____ () C:\Users\Marc\Desktop\Gmer-19357.exe 2014-08-19 10:03 - 2014-08-19 10:03 - 00000000 _____ () C:\Users\Marc\defogger_reenable 2014-08-19 10:03 - 2012-10-30 22:13 - 00000000 ____D () C:\Users\Marc 2014-08-19 10:02 - 2014-08-19 10:02 - 00050477 _____ () C:\Users\Marc\Desktop\Defogger.exe 2014-08-18 19:51 - 2014-06-04 21:47 - 01016261 _____ (Thisisu) C:\Users\Marc\Desktop\JRT.exe 2014-08-18 15:37 - 2014-08-18 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-08-18 15:37 - 2012-10-30 22:28 - 00000000 ____D () C:\Users\Marc\AppData\Local\Google 2014-08-18 15:36 - 2012-10-30 22:28 - 00000000 ____D () C:\Program Files (x86)\Google 2014-08-18 15:04 - 2012-10-30 22:13 - 00000000 ____D () C:\Users\Marc\AppData\Local\VirtualStore 2014-08-18 10:40 - 2014-06-11 17:54 - 00000939 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-08-17 23:47 - 2014-08-17 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2014-08-17 23:47 - 2014-08-17 23:47 - 00000000 ____D () C:\Program Files (x86)\Wondershare 2014-08-17 23:47 - 2014-08-15 20:00 - 00000000 ____D () C:\ProgramData\Wondershare 2014-08-17 22:55 - 2013-09-22 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX 2014-08-17 22:55 - 2012-11-01 09:58 - 00000000 ____D () C:\Program Files\DivX 2014-08-17 22:55 - 2012-11-01 09:57 - 00000000 ____D () C:\ProgramData\DivX 2014-08-17 22:55 - 2012-11-01 09:57 - 00000000 ____D () C:\Program Files (x86)\DivX 2014-08-17 22:53 - 2014-08-17 22:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-08-17 22:53 - 2014-08-17 22:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-08-17 22:53 - 2014-08-17 22:53 - 00000000 ____D () C:\Program Files\iTunes 2014-08-17 22:53 - 2014-08-17 22:53 - 00000000 ____D () C:\Program Files\iPod 2014-08-17 22:53 - 2013-05-04 09:50 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-08-17 22:34 - 2014-06-11 17:54 - 00000000 ____D () C:\Program Files\CCleaner 2014-08-17 22:24 - 2014-08-17 22:24 - 02101760 _____ (Farbar) C:\Users\Marc\Desktop\FRST64.exe 2014-08-17 21:59 - 2014-08-17 21:59 - 00000000 ____D () C:\Users\Marc\AppData\Local\Deployment 2014-08-17 21:59 - 2014-08-17 21:59 - 00000000 ____D () C:\Users\Marc\AppData\Local\Apps\2.0 2014-08-17 19:20 - 2012-11-01 10:03 - 00000000 ____D () C:\Users\Marc\AppData\Local\Last.fm 2014-08-17 19:08 - 2013-08-03 20:51 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-08-17 14:03 - 2014-08-15 20:32 - 00000000 ____D () C:\ProgramData\Freemake 2014-08-16 20:36 - 2014-08-16 20:36 - 00000000 ___HD () C:\Users\Marc\Documents\Freemake_do_not_remove_this_folder635438181631387905 2014-08-16 19:15 - 2014-08-16 19:15 - 00000000 ___HD () C:\Users\Marc\Documents\Freemake_do_not_remove_this_folder635438133112472781 2014-08-16 17:47 - 2014-08-16 17:47 - 00000000 ___HD () C:\Users\Marc\Documents\Freemake_do_not_remove_this_folder 2014-08-16 16:08 - 2014-08-16 16:08 - 00000674 _____ () C:\Users\Marc\Documents\Marc - Verknüpfung.lnk 2014-08-16 16:05 - 2014-08-16 16:05 - 00000000 ____D () C:\Users\Marc\Documents\Freemake 2014-08-16 15:17 - 2014-08-16 15:16 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\dvdcss 2014-08-16 15:07 - 2014-08-16 15:05 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-08-16 15:06 - 2014-08-16 15:06 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\ProductData 2014-08-16 15:06 - 2014-08-16 15:05 - 00000000 ____D () C:\ProgramData\IObit 2014-08-16 15:05 - 2014-08-16 15:05 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\IObit 2014-08-16 15:05 - 2014-08-16 15:05 - 00000000 ____D () C:\ProgramData\ProductData 2014-08-16 11:24 - 2012-11-01 09:56 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-16 11:24 - 2012-11-01 09:56 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-16 11:24 - 2012-11-01 09:56 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-08-16 10:51 - 2012-11-01 10:38 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2014-08-15 23:59 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Offline Web Pages 2014-08-15 20:33 - 2014-05-21 20:05 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2014-08-15 20:07 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Performance 2014-08-15 19:53 - 2014-06-04 15:45 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\DVDVideoSoft 2014-08-15 15:02 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-08-15 13:27 - 2014-08-15 13:20 - 00000000 ____D () C:\Users\Marc\Documents\Wondershare Video Converter Ultimate 2014-08-15 13:22 - 2014-08-15 13:20 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A} 2014-08-15 13:20 - 2014-08-15 13:20 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\Wondershare Video Converter Ultimate 2014-08-15 13:20 - 2014-08-15 13:20 - 00000000 ____D () C:\Users\Marc\AppData\Local\Wondershare 2014-08-14 10:25 - 2014-07-16 22:41 - 00000000 ____D () C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-08-13 18:03 - 2012-10-30 22:28 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-08-13 16:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-08-13 15:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-13 00:05 - 2012-11-25 21:38 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-13 00:01 - 2013-07-12 13:26 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-13 00:00 - 2012-11-03 13:36 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-12 23:57 - 2014-05-06 22:43 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-12 21:52 - 2014-07-08 19:25 - 01327820 _____ () C:\Users\Marc\AppData\Roaming\PS13_panel.log 2014-08-11 22:39 - 2013-09-26 18:12 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-08-10 15:24 - 2012-11-25 21:38 - 00000000 ____D () C:\Users\Marc\AppData\Local\Microsoft Help 2014-08-09 23:46 - 2013-09-22 12:04 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-07 04:06 - 2014-08-12 23:20 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-07 04:01 - 2014-08-12 23:20 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-08-01 01:41 - 2014-08-12 23:21 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-01 01:16 - 2014-08-12 23:21 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-25 16:52 - 2014-08-12 23:21 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-25 16:02 - 2014-08-12 23:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-25 16:01 - 2014-08-12 23:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-25 15:51 - 2014-08-12 23:21 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-25 15:30 - 2014-08-12 23:21 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-25 15:28 - 2014-08-12 23:21 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-25 15:28 - 2014-08-12 23:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-25 15:25 - 2014-08-12 23:21 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-25 15:25 - 2014-08-12 23:21 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-25 15:11 - 2014-08-12 23:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-25 15:10 - 2014-08-12 23:21 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-25 15:04 - 2014-08-12 23:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-25 15:03 - 2014-08-12 23:21 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-25 15:00 - 2014-08-12 23:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-25 15:00 - 2014-08-12 23:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-25 14:59 - 2014-08-12 23:21 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-25 14:47 - 2014-08-12 23:21 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-25 14:40 - 2014-08-12 23:21 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-25 14:34 - 2014-08-12 23:21 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-25 14:34 - 2014-08-12 23:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-25 14:33 - 2014-08-12 23:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-25 14:30 - 2014-08-12 23:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-25 14:28 - 2014-08-12 23:21 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-25 14:28 - 2014-08-12 23:21 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-25 14:21 - 2014-08-12 23:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-25 14:19 - 2014-08-12 23:21 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-25 14:18 - 2014-08-12 23:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-25 14:17 - 2014-08-12 23:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-25 14:17 - 2014-08-12 23:21 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-25 14:12 - 2014-08-12 23:21 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-25 14:10 - 2014-08-12 23:21 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-25 14:10 - 2014-08-12 23:21 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-25 14:08 - 2014-08-12 23:21 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-25 14:06 - 2014-08-12 23:21 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-25 13:52 - 2014-08-12 23:21 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-25 13:47 - 2014-08-12 23:21 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-25 13:43 - 2014-08-12 23:21 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-25 13:42 - 2014-08-12 23:21 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-25 13:39 - 2014-08-12 23:21 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-25 13:39 - 2014-08-12 23:21 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-25 13:36 - 2014-08-12 23:21 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-25 13:34 - 2014-08-12 23:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-25 13:29 - 2014-08-12 23:21 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-25 13:23 - 2014-08-12 23:21 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-25 13:13 - 2014-08-12 23:21 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-25 13:07 - 2014-08-12 23:21 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-25 13:07 - 2014-08-12 23:21 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-25 13:03 - 2014-08-12 23:21 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-25 12:52 - 2014-08-12 23:21 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-25 12:26 - 2014-08-12 23:21 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-25 12:17 - 2014-08-12 23:21 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-25 12:09 - 2014-08-12 23:21 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-25 12:05 - 2014-08-12 23:21 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-25 12:00 - 2014-08-12 23:21 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-22 18:07 - 2014-07-22 18:07 - 00001097 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk 2014-07-22 18:07 - 2012-11-01 09:50 - 00000000 ____D () C:\Program Files (x86)\Adobe Some content of TEMP: ==================== C:\Users\Marc\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm8o7qy.dll C:\Users\Marc\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-17 01:16 ==================== End Of Log ============================ --- --- --- |
|
21.08.2014, 20:23
| #8 |
| /// the machine /// TB-Ausbilder | Adware nicht vollständig entfernt Das is nur ne Policy. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
22.08.2014, 10:30
| #9 |
| | Adware nicht vollständig entferntCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-08-2014 04
Ran by Marc at 2014-08-22 11:29:38 Run:1
Running from C:\Users\Marc\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
*****************
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
==== End of Fixlog ====
|
|
23.08.2014, 05:41
| #10 |
| /// the machine /// TB-Ausbilder | Adware nicht vollständig entfernt Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
23.08.2014, 08:14
| #11 |
| | Adware nicht vollständig entfernt Chrome ist wohl sauber Aber jetzt hat der adwCleaner etwas in der Registrierungsdatenbank gefunden. Ich hab dazu jetzt nur die Log erstellt und noch nicht gelöscht. Code:
ATTFilter # AdwCleaner v3.308 - Bericht erstellt am 23/08/2014 um 08:53:50
# Aktualisiert 20/08/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Marc - FUCKUP
# Gestartet von : C:\Users\Marc\Desktop\adwcleaner_3.308.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : [x64] HKCU\Software\Conduit
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17239
-\\ Google Chrome v36.0.1985.143
*************************
AdwCleaner[R0].txt - [5322 octets] - [04/06/2014 21:44:15]
AdwCleaner[R10].txt - [1963 octets] - [17/08/2014 23:11:33]
AdwCleaner[R11].txt - [1995 octets] - [17/08/2014 23:26:07]
AdwCleaner[R12].txt - [2056 octets] - [17/08/2014 23:27:59]
AdwCleaner[R13].txt - [2117 octets] - [17/08/2014 23:29:58]
AdwCleaner[R14].txt - [2451 octets] - [18/08/2014 10:19:12]
AdwCleaner[R15].txt - [2512 octets] - [18/08/2014 10:21:02]
AdwCleaner[R16].txt - [2395 octets] - [18/08/2014 15:21:53]
AdwCleaner[R17].txt - [2423 octets] - [18/08/2014 15:32:35]
AdwCleaner[R18].txt - [2753 octets] - [18/08/2014 19:47:24]
AdwCleaner[R19].txt - [2875 octets] - [18/08/2014 22:15:55]
AdwCleaner[R1].txt - [3396 octets] - [15/08/2014 19:57:29]
AdwCleaner[R20].txt - [2728 octets] - [20/08/2014 12:24:49]
AdwCleaner[R21].txt - [3618 octets] - [21/08/2014 09:12:15]
AdwCleaner[R22].txt - [1535 octets] - [23/08/2014 08:53:50]
AdwCleaner[R2].txt - [4162 octets] - [15/08/2014 23:48:44]
AdwCleaner[R3].txt - [2079 octets] - [16/08/2014 11:11:09]
AdwCleaner[R4].txt - [2197 octets] - [17/08/2014 13:09:33]
AdwCleaner[R5].txt - [1984 octets] - [17/08/2014 13:57:24]
AdwCleaner[R6].txt - [1567 octets] - [17/08/2014 19:01:56]
AdwCleaner[R7].txt - [2323 octets] - [17/08/2014 22:04:26]
AdwCleaner[R8].txt - [2374 octets] - [17/08/2014 22:39:19]
AdwCleaner[R9].txt - [2082 octets] - [17/08/2014 22:49:21]
AdwCleaner[S0].txt - [4920 octets] - [04/06/2014 21:45:34]
AdwCleaner[S10].txt - [2457 octets] - [18/08/2014 15:25:22]
AdwCleaner[S11].txt - [2815 octets] - [18/08/2014 19:48:14]
AdwCleaner[S12].txt - [2937 octets] - [18/08/2014 22:17:13]
AdwCleaner[S13].txt - [3630 octets] - [21/08/2014 09:13:44]
AdwCleaner[S1].txt - [3350 octets] - [15/08/2014 19:59:13]
AdwCleaner[S2].txt - [3927 octets] - [15/08/2014 23:49:42]
AdwCleaner[S3].txt - [2090 octets] - [16/08/2014 11:12:07]
AdwCleaner[S4].txt - [2208 octets] - [17/08/2014 13:10:51]
AdwCleaner[S5].txt - [2114 octets] - [17/08/2014 13:59:38]
AdwCleaner[S6].txt - [1628 octets] - [17/08/2014 19:03:16]
AdwCleaner[S7].txt - [2315 octets] - [17/08/2014 22:09:06]
AdwCleaner[S8].txt - [2435 octets] - [17/08/2014 22:41:55]
AdwCleaner[S9].txt - [1935 octets] - [17/08/2014 23:23:48]
########## EOF - C:\AdwCleaner\AdwCleaner[R22].txt - [2920 octets] ##########
|
|
23.08.2014, 21:17
| #12 |
| /// the machine /// TB-Ausbilder | Adware nicht vollständig entfernt Die beiden kannste löschen lassen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
24.08.2014, 10:24
| #13 |
| | Adware nicht vollständig entfernt Alles klar, dann wars das wohl. Vielen Dank schrauber |
|
24.08.2014, 10:30
| #14 |
| /// the machine /// TB-Ausbilder | Adware nicht vollständig entfernt Gern Geschehen 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Adware nicht vollständig entfernt |
| antivirus, bonjour, browser, converter, downloader, email, excel, failed, fehler, firefox, flash player, google, homepage, installation, mozilla, programm, registry, scan, security, software, svchost.exe, system, updates, vista, windows |
Linear-Darstellung
