Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: TR/Patched.Ren.Gen - Überfordert!

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 09.09.2014, 17:10   #1
Kapiernix
 
TR/Patched.Ren.Gen - Überfordert! - Standard

TR/Patched.Ren.Gen - Überfordert!



Hallo,

ich muss mich hier leider in die Reihe der Überforderten mit dem Virus einreihen. Ich bekomme am laufenden Band Meldungen, wenn ich den PC anmache. Wenn ich die anderen Posts lese, muss ich gestehen, ich verstehe praktisch gar nichts von Computer. Bitte daher Anweisungen für die ganz Dummen!

PHP-Code:
Exportierte Ereignisse:

09.09.2014 17:54 [Echtzeit-ScannerMalware gefunden
      In der Datei 
      
'C:\Windows\Temp\bd4367c6-9e9e-4438-852f-155166baf620\tmp00004717\tmp00030df3'
      
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan
      
gefunden.
      
Ausgeführte AktionZugriff verweigern

09.09.2014 17
:54 [System-ScannerMalware gefunden
      
Die Datei 
      
'C:\Windows\Temp\bd4367c6-9e9e-4438-852f-155166baf620\tmp00004717\tmp00027181'
      
enthielt einen Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan].
      
Durchgeführte Aktion(en):
      Die 
Datei wurde ins Quarantäneverzeichnis unter dem Namen '56e1b189.qua' 
      
verschoben!

09.09.2014 17:41 [Echtzeit-ScannerMalware gefunden
      In der Datei 
      
'C:\Windows\Temp\bd4367c6-9e9e-4438-852f-155166baf620\tmp00004717\tmp0002d2f3'
      
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan
      
gefunden.
      
Ausgeführte AktionZugriff verweigern

09.09.2014 17
:40 [Echtzeit-ScannerMalware gefunden
      In der Datei 
      
'C:\Windows\Temp\bd4367c6-9e9e-4438-852f-155166baf620\tmp00004717\tmp0002d056'
      
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan
      
gefunden.
      
Ausgeführte AktionZugriff verweigern

09.09.2014 17
:38 [Echtzeit-ScannerMalware gefunden
      In der Datei 
      
'C:\Windows\Temp\bd4367c6-9e9e-4438-852f-155166baf620\tmp00004717\tmp0002b201'
      
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan
      
gefunden.
      
Ausgeführte AktionZugriff verweigern

09.09.2014 17
:29 [System-ScannerMalware gefunden
      
Die Datei 
      
'C:\Windows\Temp\bd4367c6-9e9e-4438-852f-155166baf620\tmp00004717\tmp00025fe8'
      
enthielt einen Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan].
      
Durchgeführte Aktion(en):
      Die 
Datei wurde ins Quarantäneverzeichnis unter dem Namen '56848cd2.qua' 
      
verschoben!

09.09.2014 17:26 [Echtzeit-ScannerMalware gefunden
      In der Datei 
      
'C:\Windows\Temp\bd4367c6-9e9e-4438-852f-155166baf620\tmp00004717\tmp00025fe8'
      
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan
      
gefunden.
      
Ausgeführte AktionZugriff verweigern

09.09.2014 17
:26 [System-ScannerMalware gefunden
      
Die Datei 
      
'C:\Windows\Temp\bd4367c6-9e9e-4438-852f-155166baf620\tmp00004717\tmp00023c8f'
      
enthielt einen Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan].
      
Durchgeführte Aktion(en):
      Die 
Datei wurde ins Quarantäneverzeichnis unter dem Namen '56ea83bd.qua' 
      
verschoben!

09.09.2014 17:23 [System-ScannerMalware gefunden
      
Die Datei 
      
'C:\Windows\Temp\bd4367c6-9e9e-4438-852f-155166baf620\tmp00004717\tmp0001f84c'
      
enthielt einen Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan].
      
Durchgeführte Aktion(en):
      Die 
Datei wurde ins Quarantäneverzeichnis unter dem Namen '50f88cf5.qua' 
      
verschoben!

09.09.2014 17:20 [Echtzeit-ScannerMalware gefunden
      In der Datei 
      
'C:\Windows\Temp\bd4367c6-9e9e-4438-852f-155166baf620\tmp00004717\tmp0001f84c'
      
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan
      
gefunden.
      
Ausgeführte AktionZugriff verweigern

09.09.2014 17
:20 [System-ScannerMalware gefunden
      
Die Datei 
      
'C:\Windows\Temp\bd4367c6-9e9e-4438-852f-155166baf620\tmp00004717\tmp0001b159'
      
enthielt einen Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan].
      
Durchgeführte Aktion(en):
      Die 
Datei wurde ins Quarantäneverzeichnis unter dem Namen '578b8932.qua' 
      
verschoben!

09.09.2014 17:17 [Echtzeit-ScannerMalware gefunden
      In der Datei 
      
'C:\Windows\Temp\bd4367c6-9e9e-4438-852f-155166baf620\tmp00004717\tmp0001b159'
      
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan
      
gefunden.
      
Ausgeführte AktionZugriff verweigern

09.09.2014 17
:17 [System-ScannerMalware gefunden
      
Die Datei 
      
'C:\Windows\Temp\bd4367c6-9e9e-4438-852f-155166baf620\tmp00004717\tmp00016a81'
      
enthielt einen Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan].
      
Durchgeführte Aktion(en):
      Die 
Datei wurde ins Quarantäneverzeichnis unter dem Namen '50828ff3.qua' 
      
verschoben!

09.09.2014 17:14 [Echtzeit-ScannerMalware gefunden
      In der Datei 
      
'C:\Windows\Temp\bd4367c6-9e9e-4438-852f-155166baf620\tmp00004717\tmp00016a81'
      
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan
      
gefunden.
      
Ausgeführte AktionZugriff verweigern

09.09.2014 17
:14 [System-ScannerMalware gefunden
      
Die Datei 
      
'C:\Windows\Temp\bd4367c6-9e9e-4438-852f-155166baf620\tmp00004717\tmp00011630'
      
enthielt einen Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan].
      
Durchgeführte Aktion(en):
      Die 
Datei wurde ins Quarantäneverzeichnis unter dem Namen '50dab7ac.qua' 
      
verschoben!

09.09.2014 17:12 [Echtzeit-ScannerMalware gefunden
      In der Datei 
      
'C:\Windows\Temp\bd4367c6-9e9e-4438-852f-155166baf620\tmp00004717\tmp00011630'
      
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan
      
gefunden.
      
Ausgeführte AktionZugriff verweigern

09.09.2014 17
:12 [System-ScannerMalware gefunden
      
Die Datei 
      
'C:\Windows\Temp\bd4367c6-9e9e-4438-852f-155166baf620\tmp00004717\tmp0000befc'
      
enthielt einen Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan].
      
Durchgeführte Aktion(en):
      Die 
Datei wurde ins Quarantäneverzeichnis unter dem Namen '5095b80b.qua' 
      
verschoben!

09.09.2014 17:08 [Echtzeit-ScannerMalware gefunden
      In der Datei 
      
'C:\Windows\Temp\bd4367c6-9e9e-4438-852f-155166baf620\tmp00004717\tmp0000befc'
      
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan
      
gefunden.
      
Ausgeführte AktionZugriff verweigern

09.09.2014 17
:08 [System-ScannerMalware gefunden
      
Die Datei 
      
'C:\Windows\Temp\bd4367c6-9e9e-4438-852f-155166baf620\tmp00004717\tmp000092b7'
      
enthielt einen Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan].
      
Durchgeführte Aktion(en):
      Die 
Datei wurde ins Quarantäneverzeichnis unter dem Namen '50ec8a0a.qua' 
      
verschoben!

09.09.2014 17:04 [Echtzeit-ScannerMalware gefunden
      In der Datei 
      
'C:\Windows\Temp\bd4367c6-9e9e-4438-852f-155166baf620\tmp00004717\tmp000092b7'
      
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan
      
gefunden.
      
Ausgeführte AktionZugriff verweigern

09.09.2014 17
:04 [Echtzeit-ScannerMalware gefunden
      In der Datei 
      
'C:\Windows\Temp\bd4367c6-9e9e-4438-852f-155166baf620\tmp00004717\tmp000092b0'
      
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan
      
gefunden.
      
Ausgeführte AktionZugriff verweigern

09.09.2014 15
:54 [System-ScannerMalware gefunden
      
Die Datei 'D:\ANTJE\Backup Set 2012-10-31 120005\Backup Files 2013-01-31 
      130640\Backup files 8.zip'
      
enthielt einen Virus oder unerwünschtes Programm 'HTML/ExpKit.Gen3' [virus].
      
Durchgeführte Aktion(en):
      Die 
Datei wurde ins Quarantäneverzeichnis unter dem Namen '4e5c86dd.qua' 
      
verschoben!

09.09.2014 15:53 [System-ScannerMalware gefunden
      
Die Datei 'D:\ANTJE\Backup Set 2013-02-28 190132\Backup Files 2013-02-28 
      190132\Backup files 12.zip'
      
enthielt einen Virus oder unerwünschtes Programm 'HEUR/Infected.WebPage.Gen' 
      
[heuristic].
      
Durchgeführte Aktion(en):
      Die 
Datei wurde ins Quarantäneverzeichnis unter dem Namen '56cba935.qua' 
      
verschoben!

09.09.2014 06:37 [Echtzeit-ScannerMalware gefunden
      In der Datei 
      
'C:\Windows\Temp\3264540f-854b-4303-9b5d-70e357df4cfc\tmp00005786\tmp000218d3'
      
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan
      
gefunden.
      
Ausgeführte AktionZugriff verweigern

09.09.2014 06
:36 [Echtzeit-ScannerMalware gefunden
      In der Datei 
      
'C:\Windows\Temp\3264540f-854b-4303-9b5d-70e357df4cfc\tmp00005786\tmp00021837'
      
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan
      
gefunden.
      
Ausgeführte AktionZugriff verweigern

08.09.2014 20
:42 [Echtzeit-ScannerMalware gefunden
      In der Datei 
      
'C:\Windows\Temp\ec226263-0094-4e96-b7ee-976794a26aa7\tmp00000d28\tmp0001550e'
      
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan
      
gefunden.
      
Ausgeführte AktionZugriff verweigern

08.09.2014 20
:42 [System-ScannerMalware gefunden
      
Die Datei 
      
'C:\Windows\Temp\ec226263-0094-4e96-b7ee-976794a26aa7\tmp00000d28\tmp00010eed'
      
enthielt einen Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan].
      
Durchgeführte Aktion(en):
      Die 
Datei wurde ins Quarantäneverzeichnis unter dem Namen '50626a50.qua' 
      
verschoben!

08.09.2014 20:37 [Echtzeit-ScannerMalware gefunden
      In der Datei 
      
'C:\Windows\Temp\ec226263-0094-4e96-b7ee-976794a26aa7\tmp00000d28\tmp00010eed'
      
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan
      
gefunden.
      
Ausgeführte AktionZugriff verweigern

08.09.2014 20
:37 [System-ScannerMalware gefunden
      
Die Datei 
      
'C:\Windows\Temp\ec226263-0094-4e96-b7ee-976794a26aa7\tmp00000d28\tmp0000ffce'
      
enthielt einen Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan].
      
Durchgeführte Aktion(en):
      Die 
Datei wurde ins Quarantäneverzeichnis unter dem Namen '50376601.qua' 
      
verschoben!

08.09.2014 20:33 [Echtzeit-ScannerMalware gefunden
      In der Datei 
      
'C:\Windows\Temp\ec226263-0094-4e96-b7ee-976794a26aa7\tmp00000d28\tmp0000ffce'
      
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan
      
gefunden.
      
Ausgeführte AktionZugriff verweigern

08.09.2014 20
:28 [Echtzeit-ScannerMalware gefunden
      In der Datei 
      
'C:\Windows\Temp\ec226263-0094-4e96-b7ee-976794a26aa7\tmp00000d28\tmp0000befd'
      
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan
      
gefunden.
      
Ausgeführte AktionZugriff verweigern

08.09.2014 20
:28 [Echtzeit-ScannerMalware gefunden
      In der Datei 
      
'C:\Windows\Temp\ec226263-0094-4e96-b7ee-976794a26aa7\tmp00000d28\tmp0000befd'
      
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen' [trojan
      
gefunden.
      
Ausgeführte AktionZugriff verweigern 
Bitte um Hilfe!!!!

Danke und Grüsse,

Kapiernix

Alt 09.09.2014, 17:16   #2
M-K-D-B
/// TB-Ausbilder
 
TR/Patched.Ren.Gen - Überfordert! - Standard

TR/Patched.Ren.Gen - Überfordert!






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
    Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!


Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!





Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________


Alt 09.09.2014, 17:26   #3
Kapiernix
 
TR/Patched.Ren.Gen - Überfordert! - Standard

TR/Patched.Ren.Gen - Überfordert!



Hallo Matthias!

Vielen Dank erstmal, dass es Leute wie dich gibt!

Hier nun die Infos nach dem Scan:

FRST:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-09-2014
Ran by ANTJEKRAMER (administrator) on ANTJE on 09-09-2014 18:20:50
Running from C:\Users\ANTJEKRAMER\Desktop
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\Windows\System32\CTSVCCDA.EXE
(Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTDevSrv.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
(Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPRO\TemproTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
(Creative Technology Ltd.) C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
() C:\Users\ANTJEKRAMER\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files\Toshiba TEMPRO\TemproTray.exe [1050000 2009-10-15] (Toshiba Europe GmbH)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-08] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7858720 2009-10-21] (Realtek Semiconductor)
HKLM\...\Run: [SVPWUTIL] => C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2009-08-12] (TOSHIBA)
HKLM\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [425984 2009-06-02] (TOSHIBA Electronics, Inc.)
HKLM\...\Run: [KeNotify] => C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34088 2009-01-13] (TOSHIBA CORPORATION)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [480608 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [55160 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [521528 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [738616 2009-11-10] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1586472 2009-10-15] (Synaptics Incorporated)
HKLM\...\Run: [TWebCamera] => C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2009-11-21] (TOSHIBA CORPORATION.)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [163840 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [611672 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [ToshibaServiceStation] => C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1328480 2009-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [611672 2009-11-10] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [29528 2009-11-30] (TOSHIBA Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [198032 2011-10-21] (Lavasoft)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-31] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe [7642432 2014-08-27] ()
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKU\.DEFAULT\...\Run: [TOSHIBA Online Product Information] => C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\S-1-5-21-2254722259-2390501912-3981444591-1000\...\Run: [CTZDetec.exe] => C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe [368640 2008-04-24] (Creative Technology Ltd.)
HKU\S-1-5-21-2254722259-2390501912-3981444591-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2254722259-2390501912-3981444591-1000\...\Run: [Amazon Cloud Player] => C:\Users\ANTJEKRAMER\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
Startup: C:\Users\ANTJEKRAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\firefox.lnk
ShortcutTarget: firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {067F90BA-8380-42AD-A44C-56320425566A} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibade-win7-ie-search-21&index=blended&linkCode=ur2
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {E7F8E38E-F304-4B3D-A235-CD13DC20EAA9} URL = hxxp://rover.ebay.com/rover/1/707-44556-9400-9/4?satitle={searchTerms}
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO: Ad-Aware Security Toolbar -> {6c97a91e-4524-4019-86af-2aa2d567bf5c} -> C:\Program Files\adawaretb\adawareDx.dll ()
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar plus Web Protection -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
Toolbar: HKCU - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\ANTJEKRAMER\AppData\Roaming\Mozilla\Firefox\Profiles\clcl7imp.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin: @tools.updaterss.com/SaveSenseLive Update;version=3 -> C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin: @tools.updaterss.com/SaveSenseLive Update;version=9 -> C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\ANTJEKRAMER\AppData\Roaming\Mozilla\Firefox\Profiles\clcl7imp.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-03-26]
FF Extension: Avira Browser Safety - C:\Users\ANTJEKRAMER\AppData\Roaming\Mozilla\Firefox\Profiles\clcl7imp.default\Extensions\abs@avira.com [2014-08-31]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\ANTJEKRAMER\AppData\Roaming\Mozilla\Firefox\Profiles\clcl7imp.default\Extensions\toolbar@ask.com [2011-11-30]
FF Extension: Garmin Communicator - C:\Users\ANTJEKRAMER\AppData\Roaming\Mozilla\Firefox\Profiles\clcl7imp.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-03-08]
FF Extension: Ad-Aware Security Toolbar - C:\Users\ANTJEKRAMER\AppData\Roaming\Mozilla\Firefox\Profiles\clcl7imp.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2011-12-12]
FF Extension: YouTube Unblocker - C:\Users\ANTJEKRAMER\AppData\Roaming\Mozilla\Firefox\Profiles\clcl7imp.default\Extensions\youtubeunblocker@unblocker.yt.xpi [2013-06-01]

Chrome: 
=======
CHR CustomProfile: C:\Users\ANTJEKRAMER\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SaveSense) - C:\Users\ANTJEKRAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk [2013-11-26]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-31] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 cfWiMAXService; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [185712 2009-10-27] (TOSHIBA CORPORATION)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
R2 Creative Service for CDROM Access; C:\Windows\system32\CTsvcCDA.EXE [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 CTDevice_Srv; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [61440 2007-04-02] (Creative Technology Ltd) [File not signed]
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200 2013-09-19] (Garmin Ltd or its subsidiaries)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [655864 2014-08-27] ()
R2 LMS; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
R2 TemproMonitoringService; C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [116104 2009-10-15] (Toshiba Europe GmbH)
R3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [51512 2009-10-06] (TOSHIBA Corporation)
R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [185712 2009-09-28] (TOSHIBA Corporation)
R3 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [111960 2009-11-05] (TOSHIBA Corporation)
R3 TPCHSrv; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [677232 2009-11-10] (TOSHIBA Corporation)
R2 UNS; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
S2 savesenselive; C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe /svc [X]
S3 savesenselivem; C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-08-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-25] (Avira Operations GmbH & Co. KG)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [38400 2009-03-02] (Samsung Electronics Co., Ltd.) [File not signed]
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [165744 2014-04-22] (BitDefender LLC)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
S3 Lavasoft Kernexplorer; C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [15232 2012-06-17] ()
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [36208 2009-07-30] (COMPAL ELECTRONIC INC.)
R2 PfModNT; C:\Windows\system32\drivers\PfModNT.sys [71596 2004-06-03] (Creative Technology Ltd.) [File not signed]
R3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [24064 2009-06-22] (TOSHIBA Corporation)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [157536 2009-05-20] (Realtek Semiconductor Corp.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-04-15] (Avira GmbH)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2009-03-02] (Samsung Electronics) [File not signed]
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [360376 2014-04-22] (BitDefender S.R.L.)
R2 TVALZFL; C:\Windows\System32\DRIVERS\TVALZFL.sys [12920 2009-06-19] (TOSHIBA Corporation)
S3 FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-09 18:20 - 2014-09-09 18:22 - 00023510 _____ () C:\Users\ANTJEKRAMER\Desktop\FRST.txt
2014-09-09 18:20 - 2014-09-09 18:21 - 00000000 ____D () C:\FRST
2014-09-09 18:19 - 2014-09-09 18:19 - 01097728 _____ (Farbar) C:\Users\ANTJEKRAMER\Desktop\FRST.exe
2014-09-09 17:51 - 2014-09-09 17:55 - 00021664 _____ () C:\Users\ANTJEKRAMER\Desktop\Ereignisse.txt
2014-09-08 21:05 - 2014-09-08 21:05 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-09-08 20:44 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-08 20:44 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-08 20:44 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-08 20:44 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-08 20:33 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-08 20:33 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-08 20:33 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-08 20:33 - 2014-07-25 15:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-08 20:33 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-08 20:33 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-08 20:33 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-08 20:33 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-08 20:33 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-08 20:33 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-08 20:33 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-08 20:33 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-08 20:33 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-08 20:33 - 2014-07-25 14:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-08 20:33 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-08 20:33 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-08 20:33 - 2014-07-25 13:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-08 20:33 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-08 20:33 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-08 20:33 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-08 20:33 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-08 20:33 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-08 20:33 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-08 20:33 - 2014-07-25 13:09 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-08 20:33 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-08 20:33 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-08 20:33 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-08 20:33 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-08 20:33 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-08 20:33 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-08 20:33 - 2014-07-14 03:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-08 20:33 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-08 20:33 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-09-08 20:33 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-09-08 20:32 - 2014-08-23 03:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-08 20:32 - 2014-08-23 02:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-08 20:31 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-08 20:31 - 2014-06-03 11:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-08 20:31 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-08 20:31 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-08 20:31 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-08 20:29 - 2014-08-07 03:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-08 20:29 - 2014-08-07 03:39 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-08 20:29 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-08 20:12 - 2014-09-08 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-09-08 20:09 - 2014-09-08 20:09 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-09-08 19:57 - 2014-09-08 19:57 - 02806920 _____ () C:\Users\ANTJEKRAMER\Downloads\Adaware_Installer(1).exe
2014-08-31 15:21 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-31 15:21 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-31 15:21 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-31 15:21 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-31 15:20 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-31 15:20 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-31 15:20 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-31 15:19 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-31 15:19 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-09 18:22 - 2014-09-09 18:20 - 00023510 _____ () C:\Users\ANTJEKRAMER\Desktop\FRST.txt
2014-09-09 18:21 - 2014-09-09 18:20 - 00000000 ____D () C:\FRST
2014-09-09 18:19 - 2014-09-09 18:19 - 01097728 _____ (Farbar) C:\Users\ANTJEKRAMER\Desktop\FRST.exe
2014-09-09 18:17 - 2012-10-19 17:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-09 17:55 - 2014-09-09 17:51 - 00021664 _____ () C:\Users\ANTJEKRAMER\Desktop\Ereignisse.txt
2014-09-09 16:10 - 2011-01-05 21:06 - 01198430 _____ () C:\Windows\WindowsUpdate.log
2014-09-09 16:07 - 2013-04-17 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-09 16:07 - 2013-04-17 12:50 - 00000000 ____D () C:\Program Files\Avira
2014-09-09 16:07 - 2013-03-08 19:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-09 16:06 - 2009-07-14 06:34 - 00019248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-09 16:06 - 2009-07-14 06:34 - 00019248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-09 16:01 - 2011-02-13 18:01 - 00000000 ____D () C:\Users\ANTJEKRAMER\AppData\Roaming\Skype
2014-09-09 15:58 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-09 15:58 - 2009-07-14 06:39 - 00163958 _____ () C:\Windows\setupact.log
2014-09-09 10:13 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-09-08 21:58 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-08 21:13 - 2012-05-08 11:50 - 00000000 ____D () C:\Program Files\Google
2014-09-08 21:05 - 2014-09-08 21:05 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-09-08 21:05 - 2011-02-13 18:01 - 00000000 ____D () C:\ProgramData\Skype
2014-09-08 20:58 - 2011-01-05 21:25 - 00000000 ___RD () C:\Users\ANTJEKRAMER\Eigene Musik
2014-09-08 20:56 - 2009-07-14 06:33 - 00420584 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-08 20:55 - 2009-12-07 12:02 - 00712640 _____ () C:\Windows\PFRO.log
2014-09-08 20:53 - 2014-05-06 18:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-08 20:53 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-09-08 20:52 - 2009-12-07 12:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-08 20:50 - 2013-08-26 21:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-08 20:47 - 2011-01-14 21:40 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-08 20:12 - 2014-09-08 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-09-08 20:09 - 2014-09-08 20:09 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-09-08 20:01 - 2011-01-05 21:25 - 00000000 ____D () C:\Users\ANTJEKRAMER
2014-09-08 19:57 - 2014-09-08 19:57 - 02806920 _____ () C:\Users\ANTJEKRAMER\Downloads\Adaware_Installer(1).exe
2014-08-31 15:27 - 2012-03-09 19:59 - 00000000 ____D () C:\ProgramData\Avira
2014-08-25 06:53 - 2011-01-06 19:26 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 03:46 - 2014-09-08 20:32 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 02:42 - 2014-09-08 20:32 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-10 20:21 - 2009-12-07 11:39 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-10 19:54 - 2013-05-07 18:00 - 00035848 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-08-10 19:54 - 2013-04-17 12:50 - 00097648 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-08-10 19:41 - 2012-04-29 10:43 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-10 19:41 - 2009-12-07 12:20 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

Some content of TEMP:
====================
C:\Users\ANTJEKRAMER\AppData\Local\Temp\5b9d4686-8f15-432a-b212-0fb174737300.exe
C:\Users\ANTJEKRAMER\AppData\Local\Temp\AskSLib.dll
C:\Users\ANTJEKRAMER\AppData\Local\Temp\avgnt.exe
C:\Users\ANTJEKRAMER\AppData\Local\Temp\CTWseAPI.dll
C:\Users\ANTJEKRAMER\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcxgf1l.dll
C:\Users\ANTJEKRAMER\AppData\Local\Temp\DWPUpgradeInstaller.exe
C:\Users\ANTJEKRAMER\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\ANTJEKRAMER\AppData\Local\Temp\setup.exe
C:\Users\ANTJEKRAMER\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Gast\AppData\Local\Temp\AskSLib.dll
C:\Users\Gast\AppData\Local\Temp\avgnt.exe
C:\Users\Gast\AppData\Local\Temp\RSSSynchronizer.exe
C:\Users\Gast\AppData\Local\Temp\rss_chs.dll
C:\Users\Gast\AppData\Local\Temp\rss_cht.dll
C:\Users\Gast\AppData\Local\Temp\rss_deu.dll
C:\Users\Gast\AppData\Local\Temp\rss_enu.dll
C:\Users\Gast\AppData\Local\Temp\rss_esn.dll
C:\Users\Gast\AppData\Local\Temp\rss_fra.dll
C:\Users\Gast\AppData\Local\Temp\rss_ita.dll
C:\Users\Gast\AppData\Local\Temp\rss_jpn.dll
C:\Users\Gast\AppData\Local\Temp\rss_nld.dll
C:\Users\Gast\AppData\Local\Temp\rss_ptb.dll
C:\Users\Gast\AppData\Local\Temp\v_o8atut.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-09 10:02

==================== End Of Log ============================
         
--- --- ---



Additional:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-09-2014
Ran by ANTJEKRAMER at 2014-09-09 18:24:36
Running from C:\Users\ANTJEKRAMER\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Ad-Aware Antivirus (Enabled - Up to date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Enabled - Up to date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Ad-Aware Antivirus (HKLM\...\{30EA2BAC-C89C-4EAE-BDCF-8C7C8DDB79B1}_AdAwareUpdater) (Version: 11.3.6321.0 - Lavasoft)
Ad-Aware Browsing Protection (HKLM\...\Ad-Aware Browsing Protection) (Version: 0.9.0.2 - Lavasoft)
Ad-Aware Security Toolbar (HKLM\...\adawaretb) (Version: 0.9.1.15 - Lavasoft)
AdAwareInstaller (Version: 11.3.6321.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.3.6321.0 - Lavasoft) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.2.8870 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.2.8870 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
Amazon MP3-Downloader 1.0.17 (HKLM\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.14.1.0 - Ask.com) <==== ATTENTION
ATI Catalyst Install Manager (HKLM\...\{327302DA-42B3-CF80-A242-E7E16FB6BB91}) (Version: 3.0.741.0 - ATI Technologies, Inc.)
Audible Download Manager (HKLM\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
AudibleManager (HKLM\...\AudibleManager) (Version: 2000050912.48.56.27725034 - Audible, Inc.)
Avira (HKLM\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CanoScan Toolbox Ver4.6 (HKLM\...\{088A077A-8028-408C-AE7B-4512AE2A65A0}) (Version:  - )
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (Version: 2009.0908.2225.38429 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2009.0908.2225.38429 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2009.0908.2225.38429 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2009.0908.2225.38429 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2009.0908.2225.38429 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2009.0908.2225.38429 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2009.0908.2225.38429 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2009.0908.2225.38429 - ATI) Hidden
CCC Help Chinese Standard (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Czech (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Danish (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Dutch (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help English (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Finnish (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help French (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help German (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Greek (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Hungarian (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Italian (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Japanese (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Korean (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Norwegian (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Polish (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Portuguese (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Russian (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Spanish (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Swedish (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Thai (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Turkish (Version: 2009.0908.2224.38429 - ATI) Hidden
ccc-core-static (Version: 2009.0908.2225.38429 - Ihr Firmenname) Hidden
ccc-utility (Version: 2009.0908.2225.38429 - ATI) Hidden
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Creative Jukebox Driver (HKLM\...\Creative Jukebox Driver) (Version:  - )
Creative Media Lite (HKLM\...\Creative Media Lite) (Version:  - )
Creative MediaSource (HKLM\...\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}) (Version: 2.00 - )
Creative Software Update (Version: 1.00.14 - Creative Technology Ltd.) Hidden
Creative ZEN Stone-Benutzerhandbuch (HKLM\...\ZENStoneUG) (Version:  - Creative Tech)
Creative Zen Touch (HKLM\...\{1103112B-513D-4DEF-96B4-9889774E0118}) (Version: 1.0 - )
Creative-Systeminformationen (HKLM\...\SysInfo) (Version:  - )
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Elevated Installer (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
FOTOParadies (HKLM\...\{FD838798-E2CB-45FA-AF79-6011519031E2}}_is1) (Version: 3.5.7.5 - Foto Online Service GmbH)
Garmin Express (HKLM\...\{9471d6bd-67a9-40f6-a420-2ae4f08ef003}) (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
iTunes (HKLM\...\{C8EBB0DE-5655-4D32-99E1-9447E702A89F}) (Version: 11.1.2.32 - Apple Inc.)
Java(TM) 6 Update 14 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216014FF}) (Version: 6.0.140 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Mein CEWE FOTOBUCH (HKLM\...\Mein CEWE FOTOBUCH) (Version: 5.1.5 - CEWE Stiftung u Co. KGaA)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.1 - F.J. Wechselberger)
Nikon Message Center (HKLM\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Transfer (HKLM\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.1.1 - Nikon)
PDF24 Creator 5.2.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.1.2 - Nikon)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Plus-HD-2.2 (HKLM\...\Plus-HD-2.2) (Version: 1.31.153.0 - Plus HD) <==== ATTENTION
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5964 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.4.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.11.0 - Synaptics Incorporated)
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.12 - TOSHIBA)
TOSHIBA Bulletin Board (HKLM\...\InstallShield_{6B81F4D9-A640-4081-A01D-7CB37F5DF4A4}) (Version: 1.5.06.32 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 1.5.06.32 - TOSHIBA Corporation) Hidden
TOSHIBA ConfigFree (HKLM\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.25 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.1.06-A - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}) (Version: 1.1.12.0 - TOSHIBA Corporation)
TOSHIBA eco Utility (Version: 1.1.12.0 - TOSHIBA Corporation) Hidden
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - Toshiba)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00 - Toshiba) Hidden
TOSHIBA Face Recognition (HKLM\...\InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}) (Version: 3.1.3.32 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.3.32 - TOSHIBA Corporation) Hidden
TOSHIBA Flash Cards Support Utility (HKLM\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.4C - TOSHIBA CORPORATION)
TOSHIBA Flash Cards Support Utility (Version: 1.63.0.4C - TOSHIBA CORPORATION) Hidden
TOSHIBA Hardware Setup (HKLM\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.16C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (Version: 1.63.0.16C - TOSHIBA CORPORATION) Hidden
TOSHIBA HDD/SSD Alert (HKLM\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.0.4 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.0.4 - TOSHIBA Corporation) Hidden
Toshiba Manuals (HKLM\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.00 - TOSHIBA)
Toshiba Online Product Information (HKLM\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 2.08.0001 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.5.1.0 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM\...\InstallShield_{921F22A4-290B-4B6C-9E8E-B50B58F18ED0}) (Version: 1.5.08.32 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.5.08.32 - TOSHIBA Corporation) Hidden
TOSHIBA Service Station (HKLM\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
TOSHIBA Supervisor Password (Version: 1.63.0.7C - TOSHIBA CORPORATION) Hidden
TOSHIBA Supervisorkennwort (HKLM\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.7C - TOSHIBA CORPORATION)
Toshiba TEMPRO (HKLM\...\{14555947-6F14-421F-8F61-6489E0FDFAE5}) (Version: 3.08 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.2.34 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.2.34 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.9 - TOSHIBA Corporation)
TRORMCLauncher (HKLM\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: 1.0.0.9 - TOSHIBA)
TRORMCLauncher (Version: 1.0.0.9 - TOSHIBA) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{052CA271-6C3E-4B8F-9EEE-CEA84BC901DC}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CA2F3DF8-C8AE-4933-92F1-FE482442F6E6}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Utility Common Driver (Version: 1.0.50.27C - TOSHIBA) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
ViewNX (HKLM\...\{F007CBCE-D714-4C0B-8CE9-9B0D78116468}) (Version: 1.1.1 - Nikon)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WildTangent-Spiele (HKLM\...\WildTangent toshiba Master Uninstall) (Version: 1.0.0.71 - WildTangent)
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{4D72E5BC-BC7C-11E0-83CA-10424824019B}\InprocServer32 -> C:\Users\ANTJEKRAMER\AppData\Local\AskToolbar\Downloaded Program Files\AviraIDW.dll (Ask.com)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{595EF3BD-A186-454A-810C-02015139ACDC}\InprocServer32 -> C:\Users\ANTJEKRAMER\AppData\Local\AskToolbar\Downloaded Program Files\Avira.dll (Ask.com)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{5CAA6074-C368-4FAD-A0D6-2F348355C324}\InprocServer32 -> C:\Users\ANTJEKRAMER\AppData\Local\AskToolbar\Downloaded Program Files\AviraIDWUPD.dll (Ask.com)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{7F902AD4-FC6A-4B2F-8B8D-B6DD4E329B76}\InprocServer32 -> C:\Users\ANTJEKRAMER\AppData\Local\AskToolbar\Downloaded Program Files\AviraWidget.dll (Ask.com)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{DF846759-BE0F-4451-B9D3-4BEFF765A1FD}\InprocServer32 -> C:\Users\ANTJEKRAMER\AppData\Local\AskToolbar\Downloaded Program Files\AviraTrans.dll (Ask.com)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{FBE88A10-FF53-11E0-AB2A-AE904824019B}\InprocServer32 -> C:\Users\ANTJEKRAMER\AppData\Local\AskToolbar\Downloaded Program Files\AviraIDWUS.dll (Ask.com)

==================== Restore Points  =========================

01-08-2014 20:06:23 Windows Update
01-08-2014 20:25:51 Windows Update
10-08-2014 17:52:08 Windows Update
31-08-2014 13:16:31 Entfernt Creative MediaSource Detector
31-08-2014 13:18:53 Windows Update
31-08-2014 13:18:58 Konfiguriert Engine Installer
31-08-2014 13:20:55 Windows-Sicherung
08-09-2014 17:59:10 AA11
08-09-2014 18:23:51 Windows Update
08-09-2014 18:35:24 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00C2DFFB-ADB0-439F-A6A9-2DA06D1AAB8D} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: {0B967E98-4F4A-40AE-B171-8C85852EEE01} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-17] (Adobe Systems Incorporated)
Task: {1BA01909-43F1-46E1-803F-A22ABA4E19D0} - System32\Tasks\{79283F13-2AE4-4C8C-8849-5B6327159300} => C:\Users\ANTJEKRAMER\Downloads\B4A01dex.exe
Task: {282F9EC6-53CD-474D-87F6-66F444FAA039} - System32\Tasks\{35B5CFF1-DB37-46C7-84DF-488BAD58EF78} => C:\Program Files\Skype\\Phone\Skype.exe [2014-07-24] (Skype Technologies S.A.)
Task: {68BD67CC-4802-49D3-9495-90B2B15B34C9} - System32\Tasks\SaveSense => C:\Users\ANTJEK~1\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {71291486-D27D-478A-AB82-2D212F8A774B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {71D01C25-F216-4C33-AE59-C4BF3FCC486B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-08] (Google Inc.)
Task: {73B03B2C-5D11-41DF-BED2-3D36F9B14519} - System32\Tasks\Plus-HD-2.2-firefoxinstaller => C:\Program Files\Plus-HD-2.2\Plus-HD-2.2-firefoxinstaller.exe
Task: {7813C8B8-F101-4F09-A3A0-6F885586596A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-08] (Google Inc.)
Task: {86F2AF6F-6C3E-4CEF-93D0-A47FAAA86807} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [2012-01-04] () <==== ATTENTION
Task: {8B0E9263-B6FC-47CB-B8E6-73792DE33F3B} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [2009-10-28] (TOSHIBA CORPORATION)
Task: {8E41DFE5-BA27-465C-9CCE-70FDF9D52CE9} - System32\Tasks\Plus-HD-2.2-chromeinstaller => C:\Program Files\Plus-HD-2.2\Plus-HD-2.2-chromeinstaller.exe
Task: {9FBD16D5-860C-432D-B5B1-0CE6296219E8} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2012-05-25] (Lavasoft Limited                                                      )
Task: {C572C1CD-B38D-4B0E-B392-093AA0B9818C} - \8e6d0740 No Task File <==== ATTENTION
Task: {D63CD7E5-5B48-487C-AF3C-5BE8FDF8028B} - System32\Tasks\{3BE50B50-EFD9-4B8C-954D-6292082461B3} => C:\Users\ANTJEKRAMER\Downloads\4200fvst8611a_xpen(1).exe
Task: {E30DFE58-948F-4434-955B-E57E1C757F70} - System32\Tasks\Plus-HD-2.2-codedownloader => C:\Program Files\Plus-HD-2.2\Plus-HD-2.2-codedownloader.exe
Task: {FBDC998E-BBF7-4F7D-9F68-30883BD168D7} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-2.2-chromeinstaller.job => C:\Program Files\Plus-HD-2.2\Plus-HD-2.2-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.2-codedownloader.job => C:\Program Files\Plus-HD-2.2\Plus-HD-2.2-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.2-firefoxinstaller.job => C:\Program Files\Plus-HD-2.2\Plus-HD-2.2-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\SaveSense.job => C:\Users\ANTJEK~1\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2012-10-11 22:56 - 2012-10-11 22:56 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-10-11 22:56 - 2012-10-11 22:56 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-27 12:51 - 2014-08-27 12:51 - 00655864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
2014-08-27 12:55 - 2014-08-27 12:55 - 00087896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_thread-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00022360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_system-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00030040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_chrono-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00048480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_date_time-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00107872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_filesystem-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 09918800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareServiceKernel.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 02423600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\RCF.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00638296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_regex-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00580424 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareActivation.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 01643352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareApplicationUpdater.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00642376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareGamingMode.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00087360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareReset.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00105280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTime.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00747352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdater.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00693096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00865608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIgnoreList.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00206664 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareQuarantine.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00779096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiMalwareEngine.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00174936 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiRootkitEngine.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00870736 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerHistory.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 01000256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScanner.dll
2014-08-27 12:56 - 2014-08-27 12:56 - 00030552 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_timer-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00768344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerScheduler.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00868184 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareRealTimeProtection.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00190800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIncompatibles.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00703304 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiSpam.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00666448 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiPhishing.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 02359632 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareParentalControl.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 02411344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareWebProtection.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00834384 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareEmailProtection.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00999256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNetworkProtection.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePromo.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00286536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareFeedback.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 02124120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareThreatWorkAlliance.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00977216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePinCode.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNotice.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00739656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAvcEngine.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00123712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\SecurityCenter.dll
2009-09-28 15:42 - 2009-09-28 15:42 - 00525688 _____ () C:\Program Files\TOSHIBA\TECO\TecoPower.dll
2011-01-05 20:59 - 2009-10-02 14:18 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 02555216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareShellExtension.dll
2011-01-05 22:05 - 2010-03-15 12:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2009-10-18 16:20 - 2009-10-18 16:20 - 07980344 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 14:26 - 2009-11-03 14:26 - 00058680 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2009-12-07 11:56 - 2009-06-22 15:38 - 00015160 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2009-03-12 20:08 - 2009-03-12 20:08 - 00049152 _____ () C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
2006-10-07 12:57 - 2006-10-07 12:57 - 00053248 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2009-07-29 16:35 - 2009-07-29 16:35 - 00014648 _____ () C:\Program Files\Toshiba\TBS\NotifyTBS.dll
2014-08-31 15:27 - 2014-07-14 16:49 - 00049744 _____ () C:\Users\ANTJEKRAMER\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 07642432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
2014-08-27 12:55 - 2014-08-27 12:55 - 00405848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_locale-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 01597248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\HtmlFramework.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00056632 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\DllStorage.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00833360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTrayDefaultSkin.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00641344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\Localization.dll
2014-05-09 17:31 - 2014-05-08 19:26 - 03145536 _____ () C:\Users\ANTJEKRAMER\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2009-05-04 11:45 - 2009-05-04 11:45 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-01-05 21:02 - 2011-01-05 21:02 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-11-05 10:14 - 2009-11-05 10:14 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-07-31 20:24 - 2014-07-31 20:24 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-07-17 20:32 - 2014-07-17 20:32 - 17029808 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: GamesAppService => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Nikon Monitor.lnk => C:\Windows\pss\Nikon Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ANTJEKRAMER^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Creative Detector => "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
MSCONFIG\startupreg: CTZDetec.exe => C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesHelper => C:\Program Files\Samsung\Kies\KiesHelper.exe /s
MSCONFIG\startupreg: KiesPDLR => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Optimizer Pro => C:\Program Files\Optimizer Pro\OptProLauncher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SoftAuto.exe => "C:\Program Files\Creative\Software Update 3\SoftAuto.exe"
MSCONFIG\startupreg: Toshiba Registration => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe
MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe

==================== Faulty Device Manager Devices =============

Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/09/2014 03:55:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avscan.exe, Version 14.0.6.548 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 958

Startzeit: 01cfcb9a70592443

Endzeit: 60000

Anwendungspfad: C:\Program Files\Avira\AntiVir Desktop\avscan.exe

Berichts-ID: b3d482ce-3828-11e4-8bef-705ab6857b2d

Error: (09/09/2014 10:05:26 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (09/09/2014 05:58:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 28230581

Error: (09/09/2014 05:58:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 28230581

Error: (09/09/2014 05:58:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/31/2014 03:16:29 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {549cea21-e3b6-4833-9b97-bd2cafe601fc}

Error: (08/31/2014 03:13:00 PM) (Source: MsiInstaller) (EventID: 1024) (User: ANTJE)
Description: Produkt: Adobe Reader XI (11.0.07) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011008}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (07/31/2014 07:09:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: googledrivesync.exe, Version: 1.14.6059.644, Zeitstempel: 0x509418e4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea91c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00052d37
ID des fehlerhaften Prozesses: 0xf50
Startzeit der fehlerhaften Anwendung: 0xgoogledrivesync.exe0
Pfad der fehlerhaften Anwendung: googledrivesync.exe1
Pfad des fehlerhaften Moduls: googledrivesync.exe2
Berichtskennung: googledrivesync.exe3

Error: (06/26/2014 09:57:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OIS.EXE, Version 12.0.6606.1000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: b28

Startzeit: 01cf917886a9e584

Endzeit: 4

Anwendungspfad: C:\PROGRA~1\MICROS~2\Office12\OIS.EXE

Berichts-ID: e677c100-fd6b-11e3-b579-705ab6857b2d

Error: (06/21/2014 09:51:16 PM) (Source: TOSHIBA Service Station) (EventID: 0) (User: )
Description: TSS Load: could not communicate with TMachInfo service


System errors:
=============
Error: (09/09/2014 04:06:15 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {9B1F122C-2982-4E91-AA8B-E071D54F2A4D}

Error: (09/09/2014 04:04:50 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (09/09/2014 04:01:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SaveSenseLive Service (savesenselive)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/09/2014 04:01:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (09/09/2014 04:01:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht.

Error: (09/09/2014 03:58:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
Lbd
SBRE

Error: (09/09/2014 03:58:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%20

Error: (09/09/2014 05:58:31 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Garmin Core Update Service erreicht.

Error: (09/08/2014 09:27:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (09/08/2014 09:24:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SaveSenseLive Service (savesenselive)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (06/16/2011 09:36:38 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1183 seconds with 600 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 67%
Total physical RAM: 3061.61 MB
Available physical RAM: 979.88 MB
Total Pagefile: 6121.5 MB
Available Pagefile: 4007.24 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.68 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:232.42 GB) (Free:161.22 GB) NTFS
Drive d: (Data) (Fixed) (Total:232.95 GB) (Free:88.38 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 76D98D76)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Vielen, vielen DANK!!!!

Grüsse

Antje
__________________

Alt 09.09.2014, 17:36   #4
M-K-D-B
/// TB-Ausbilder
 
TR/Patched.Ren.Gen - Überfordert! - Standard

TR/Patched.Ren.Gen - Überfordert!



Servus,



wir beginnen erst mal so:




Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


Alt 09.09.2014, 18:20   #5
Kapiernix
 
TR/Patched.Ren.Gen - Überfordert! - Standard

TR/Patched.Ren.Gen - Überfordert!



so, fertig

Code:
ATTFilter
ComboFix 14-09-09.01 - ANTJEKRAMER 09.09.2014  18:48:39.1.4 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3062.940 [GMT 2:00]
ausgeführt von:: c:\users\ANTJEKRAMER\Desktop\ComboFix.exe
AV: Ad-Aware Antivirus *Disabled/Outdated* {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
FW: Ad-Aware Firewall *Disabled* {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
SP: Ad-Aware Antivirus *Disabled/Outdated* {631A84A5-349B-D564-3A83-A0F22C2DF32B}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\SaveSenseLive
c:\programdata\SaveSenseLive\Update\Log\SaveSenseLive.log
c:\users\ANTJEK~1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\ANTJEKRAMER\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\ANTJEKRAMER\AppData\Roaming\SaveSense
c:\users\ANTJEKRAMER\AppData\Roaming\SaveSense\UpdateProc\config.dat
c:\windows\system32\System32\MASetupCleaner.exe
c:\windows\system32\System32\muzapp.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_savesenselive
-------\Service_savesenselivem
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-08-09 bis 2014-09-09  ))))))))))))))))))))))))))))))
.
.
2014-09-09 16:58 . 2014-09-09 16:58	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2014-09-09 16:58 . 2014-09-09 17:03	--------	d-----w-	c:\users\ANTJEKRAMER\AppData\Local\temp
2014-09-09 16:58 . 2014-09-09 16:58	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-09-09 16:20 . 2014-09-09 16:25	--------	d-----w-	C:\FRST
2014-09-08 19:05 . 2014-09-08 19:05	--------	d-----w-	c:\program files\Common Files\Skype
2014-09-08 18:44 . 2014-03-09 21:47	99480	----a-w-	c:\windows\system32\infocardapi.dll
2014-09-08 18:44 . 2014-06-30 22:14	8856	----a-w-	c:\windows\system32\icardres.dll
2014-09-08 18:44 . 2014-03-09 21:47	619672	----a-w-	c:\windows\system32\icardagt.exe
2014-09-08 18:44 . 2014-06-06 06:16	35480	----a-w-	c:\windows\system32\TsWpfWrp.exe
2014-09-08 18:32 . 2014-08-23 01:46	305152	----a-w-	c:\windows\system32\gdi32.dll
2014-09-08 18:32 . 2014-08-23 00:42	2352640	----a-w-	c:\windows\system32\win32k.sys
2014-09-08 18:31 . 2014-07-16 02:46	2048	----a-w-	c:\windows\system32\tzres.dll
2014-09-08 18:31 . 2014-06-03 09:30	101824	----a-w-	c:\windows\system32\consent.exe
2014-09-08 18:31 . 2014-06-03 09:29	2363392	----a-w-	c:\windows\system32\msi.dll
2014-09-08 18:31 . 2014-06-03 09:29	1805824	----a-w-	c:\windows\system32\authui.dll
2014-09-08 18:31 . 2014-06-03 09:29	337408	----a-w-	c:\windows\system32\msihnd.dll
2014-09-08 18:29 . 2014-08-07 01:43	412160	----a-w-	c:\windows\system32\aepdu.dll
2014-09-08 18:29 . 2014-08-07 01:39	302592	----a-w-	c:\windows\system32\aeinv.dll
2014-09-08 18:09 . 2014-09-08 18:09	--------	d-----w-	c:\program files\Common Files\Lavasoft
2014-08-31 13:21 . 2014-05-14 16:23	45536	----a-w-	c:\windows\system32\wups2.dll
2014-08-31 13:21 . 2014-05-14 16:23	54240	----a-w-	c:\windows\system32\wuauclt.exe
2014-08-31 13:21 . 2014-05-14 16:23	1973728	----a-w-	c:\windows\system32\wuaueng.dll
2014-08-31 13:21 . 2014-05-14 16:17	2425856	----a-w-	c:\windows\system32\wucltux.dll
2014-08-31 13:20 . 2014-05-14 16:23	36320	----a-w-	c:\windows\system32\wups.dll
2014-08-31 13:20 . 2014-05-14 16:23	581600	----a-w-	c:\windows\system32\wuapi.dll
2014-08-31 13:20 . 2014-05-14 16:17	92672	----a-w-	c:\windows\system32\wudriver.dll
2014-08-31 13:19 . 2014-05-14 07:23	179656	----a-w-	c:\windows\system32\wuwebv.dll
2014-08-31 13:19 . 2014-05-14 07:17	33792	----a-w-	c:\windows\system32\wuapp.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-09 14:39 . 2014-09-09 08:06	62576	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{DD336A1C-EF5C-4E47-9A67-AB9D315E2DC7}\offreg.dll
2014-08-25 04:53 . 2011-01-06 17:26	231584	------w-	c:\windows\system32\MpSigStub.exe
2014-08-21 09:24 . 2014-09-09 08:01	8581864	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{DD336A1C-EF5C-4E47-9A67-AB9D315E2DC7}\mpengine.dll
2014-08-10 17:54 . 2013-05-07 16:00	35848	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2014-08-10 17:54 . 2013-04-17 10:50	97648	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2014-07-17 19:18 . 2012-10-19 15:51	699056	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2014-07-17 19:18 . 2011-05-15 16:25	71344	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2014-06-18 01:51 . 2014-07-17 18:37	646144	----a-w-	c:\windows\system32\osk.exe
2013-10-18 13:20 . 2013-10-18 13:20	50053120	----a-w-	c:\program files\GUTA5A2.tmp
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
2011-11-29 19:15	86696	----a-w-	c:\program files\adawaretb\adawareDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files\adawaretb\adawareDx.dll" [2011-11-29 86696]
.
[HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTZDetec.exe"="c:\program files\Creative\Creative Media Lite\CTZDetec.exe" [2008-04-24 368640]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-07-24 21650016]
"Amazon Cloud Player"="c:\users\ANTJEKRAMER\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe" [2014-05-08 3145536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Toshiba TEMPRO"="c:\program files\Toshiba TEMPRO\TemproTray.exe" [2009-10-15 1050000]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-10-02 284696]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-08 98304]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-10-21 7858720]
"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2009-08-12 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 425984]
"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-11-05 480608]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2009-03-09 55160]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-08-13 521528]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2009-11-10 738616]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-10-15 1586472]
"TWebCamera"="c:\program files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2009-11-21 2454840]
"SmartFaceVWatcher"="c:\program files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [2009-10-19 163840]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-11-05 611672]
"ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-10-06 1294136]
"Teco"="c:\program files\TOSHIBA\TECO\Teco.exe" [2009-09-28 1328480]
"TosWaitSrv"="c:\program files\TOSHIBA\TPHM\TosWaitSrv.exe" [2009-11-10 611672]
"TosReelTimeMonitor"="c:\program files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [2009-11-30 29528]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2011-10-21 198032]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2014-08-31 751184]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"PDFPrint"="c:\program files\PDF24\pdf24.exe" [2012-12-12 163000]
"AdAwareTray"="c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe" [2014-08-27 7642432]
"Avira Systray"="c:\program files\Avira\My Avira\Avira.OE.Systray.exe" [2014-08-27 164656]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-08-12 6203296]
.
c:\users\ANTJEKRAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
firefox.lnk - c:\program files\Mozilla Firefox\firefox.exe [2014-7-31 275568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Nikon Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Nikon Monitor.lnk
backup=c:\windows\pss\Nikon Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^ANTJEKRAMER^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk]
path=c:\users\ANTJEKRAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
backup=c:\windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57	959904	----a-w-	c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
2011-09-08 13:55	888488	----a-w-	c:\program files\Ask.com\Updater\Updater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-09-13 17:51	59720	----a-w-	c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Detector]
2004-12-02 17:23	102400	------w-	c:\program files\Creative\MediaSource\Detector\CTDetect.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTZDetec.exe]
2008-04-24 16:57	368640	------w-	c:\program files\Creative\Creative Media Lite\CTZDetec.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
2013-05-20 02:37	450560	----a-w-	c:\program files\DivX\DivX Media Server\DivXMediaServer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2013-02-13 02:37	1263952	----a-w-	c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp]
2013-09-19 07:47	1093976	----a-w-	c:\program files\Garmin\Express Tray\ExpressTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-10-23 15:31	152392	----a-w-	c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 02:12	421888	----a-w-	c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftAuto.exe]
2008-05-28 02:39	401408	----a-w-	c:\program files\Creative\Software Update 3\SoftAuto.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
2009-08-25 14:49	134032	----a-w-	c:\program files\TOSHIBA\Registration\ToshibaReminder.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosNC]
2009-11-30 09:46	467304	----a-w-	c:\program files\TOSHIBA\BulletinBoard\TosNcCore.exe
.
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 BrSerIb;Brother MFC Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys [2009-07-14 265088]
R3 BrUsbSIb;Brother MFC Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys [2009-07-13 11904]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-02-24 80824]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-07-25 108032]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [2010-07-28 25112]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2012-06-17 15232]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-12-02 137600]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-22 174592]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 121064]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 136808]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-02-24 181432]
R3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-11-05 111960]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2009-11-10 677232]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-12 1343400]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-11-25 37352]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-09-08 172032]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2014-08-31 430160]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2014-08-31 1021008]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-08-27 160048]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [2009-10-27 185712]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-09-19 250200]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]
S2 LavasoftAdAwareService11;Ad-Aware Service 11;c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [2014-08-27 655864]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2009-03-02 5120]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files\Toshiba TEMPRO\TemproSvc.exe [2009-10-15 116104]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-09-28 185712]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 12920]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S3 gzflt;gzflt;c:\program files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [2014-04-22 165744]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 24064]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-11-05 230912]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2011-06-20 1117800]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-09-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-19 19:18]
.
2014-06-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-08 09:50]
.
2014-06-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-08 09:50]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\ANTJEKRAMER\AppData\Roaming\Mozilla\Firefox\Profiles\clcl7imp.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-mcmscsvc
SafeBoot-MCODS
MSConfigStartUp-GoogleDriveSync - c:\program files\Google\Drive\googledrivesync.exe
MSConfigStartUp-KiesHelper - c:\program files\Samsung\Kies\KiesHelper.exe
MSConfigStartUp-KiesPDLR - c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSConfigStartUp-KiesTrayAgent - c:\program files\Samsung\Kies\KiesTrayAgent.exe
MSConfigStartUp-Optimizer Pro - c:\program files\Optimizer Pro\OptProLauncher.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CTsvcCDA.EXE
c:\program files\Creative\Shared Files\CTDevSrv.exe
c:\windows\system32\taskhost.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\system32\TODDSrv.exe
c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-09-09  19:09:51 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-09-09 17:09
.
Vor Suchlauf: 10 Verzeichnis(se), 173.785.526.272 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 175.929.077.760 Bytes frei
.
- - End Of File - - B40242CA3A8B8E3E00BBAD571BD1F9B7
A36C5E4F47E84449FF07ED3517B43A31
         
merci!


Alt 10.09.2014, 08:48   #6
M-K-D-B
/// TB-Ausbilder
 
TR/Patched.Ren.Gen - Überfordert! - Standard

TR/Patched.Ren.Gen - Überfordert!



So geht es weiter:



Mehrere Anti-Virus-Programme

Code:
ATTFilter
Ad-Aware Antivirus
Avira
         
Mir ist aufgefallen, dass Du mehr als ein Anti-Virus-Programm mit Hintergrundwächter laufen hast. Das ist gefährlich, da sich die Programme in die Quere kommen können und dadurch Viren erst recht auf dem Rechner landen können. Ausserdem bremst es auch das System aus. Entscheide Dich für eine Variante und deinstalliere die andere über Systemsteuerung => Software.
Berichte, für welches Anti-Virus-Programm Du Dich entschieden hast.

Zitat:
Speedy hat letztens eine einleuchtende Erklärung dazu geliefert: "Man stelle sich einen Torwart vor, der das Tor hüten soll (Anti-Virus-Programm), der Ball kommt angeflogen (Virus), der Torhüter konzentriert sich auf den Ball und fängt ihn. Jetzt stelle Dir zwei Torhüter im Tor vor ...., die knallen aneinander und der Ball kann ungehindert ins Tor wandern."



Anschließend diese Schritte ausführen:



Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.






Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von JRT,
  • die Logdatei von MBAM,
  • die beiden neuen Logdateien von FRST.

Alt 10.09.2014, 16:16   #7
Kapiernix
 
TR/Patched.Ren.Gen - Überfordert! - Standard

TR/Patched.Ren.Gen - Überfordert!



Hallo Matthias,

also, Avira hab ich deinstalliert, so dass nur noch Adaware läuft.

AdwCleaner S0:

Code:
ATTFilter
# AdwCleaner v3.309 - Bericht erstellt am 10/09/2014 um 15:59:42
# Aktualisiert 02/09/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : ANTJEKRAMER - ANTJE
# Gestartet von : C:\Users\ANTJEKRAMER\Desktop\adwcleaner_3.309.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Program Files\adawaretb
Ordner Gelöscht : C:\Program Files\Ask.com
[/!\] Nicht Gelöscht ( Junction ) : C:\Program Files\Gemeinsame Dateien
Ordner Gelöscht : C:\Program Files\Plus-HD-2.2
Ordner Gelöscht : C:\Program Files\Toolbar Cleaner
Ordner Gelöscht : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Ordner Gelöscht : C:\Users\ANTJEKRAMER\AppData\Local\AskToolbar
Ordner Gelöscht : C:\Users\ANTJEKRAMER\AppData\Local\SaveSenseLive
Ordner Gelöscht : C:\Users\ANTJEKRAMER\AppData\LocalLow\adawaretb
Ordner Gelöscht : C:\Users\ANTJEKRAMER\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\ANTJEKRAMER\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\Gast\AppData\Local\AskToolbar
Ordner Gelöscht : C:\Users\Gast\AppData\LocalLow\adawaretb
Ordner Gelöscht : C:\Users\Gast\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\ANTJEKRAMER\AppData\Roaming\Mozilla\Firefox\Profiles\clcl7imp.default\adawaretb
Ordner Gelöscht : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\96gqb7pq.default\adawaretb
Ordner Gelöscht : C:\Users\ANTJEKRAMER\AppData\Roaming\Mozilla\Firefox\Profiles\clcl7imp.default\Extensions\toolbar@ask.com
Ordner Gelöscht : C:\Users\ANTJEKRAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk

***** [ Tasks ] *****

Task Gelöscht : SaveSense
Task Gelöscht : Scheduled Update for Ask Toolbar

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\SaveSenseLive.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLive.OneClickCtrl.9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLive.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLive.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLive.Update3WebControl.3
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{997E3BFB-F821-411C-8B96-D61D415EC8FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{A2D3FB7A-6873-45E8-AF96-57092D721828}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1070C156-160B-47A0-B7D9-1860396BAB57}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{27CE191D-733B-4450-AFCD-096D105288C3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{39A29266-D3E4-462D-AB05-F93B1053F6CF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44FC7A33-2E5C-48DC-B6F5-B81E8005D122}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{73192D81-6D24-4C40-BF7B-2507C6FA0B1A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{88C606E7-BA26-41CB-8CC3-D1E313E34E75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{93D3100A-BBB6-456C-96FC-82CAC5F383AC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{997E3BFB-F821-411C-8B96-D61D415EC8FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9E0546FF-D44F-4FE4-A324-995FCACB8D33}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CDDAB3A4-E64D-4AE0-9E1D-F3132F5F913F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E66A759D-367F-433E-85C6-ED7F040BCC32}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F4B8D46C-4EEE-401B-8607-DC03025F34B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27CE191D-733B-4450-AFCD-096D105288C3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\SaveSense
Schlüssel Gelöscht : HKCU\Software\SaveSenseLive
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\adawarebp
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\AskToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\DealPlyLive
Schlüssel Gelöscht : HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Plus-HD-2.2
Schlüssel Gelöscht : HKLM\SOFTWARE\SaveSense
Schlüssel Gelöscht : HKLM\SOFTWARE\SaveSenseLive
Schlüssel Gelöscht : HKLM\SOFTWARE\Toolbar Cleaner
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-2.2
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17239


-\\ Mozilla Firefox v31.0 (x86 de)

[ Datei : C:\Users\ANTJEKRAMER\AppData\Roaming\Mozilla\Firefox\Profiles\clcl7imp.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Zeile gelöscht : user_pref("extensions.asktb.cbid", "JM");
Zeile gelöscht : user_pref("extensions.asktb.config-updated", true);
Zeile gelöscht : user_pref("extensions.asktb.crumb", "2011.07.03+03.07.04-toolbar003iad-DE-QmVybGluLEdlcm1hbnk%3D");
Zeile gelöscht : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://de.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}&gct=bar");
Zeile gelöscht : user_pref("extensions.asktb.dtid", "YYYYYYYYDE");
Zeile gelöscht : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Zeile gelöscht : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "GMXX0007");
Zeile gelöscht : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Zeile gelöscht : user_pref("extensions.asktb.first-restart-after-config-update", true);
Zeile gelöscht : user_pref("extensions.asktb.fresh-install", false);
Zeile gelöscht : user_pref("extensions.asktb.guid", "811e83be-d670-4bb2-9b82-7c5d53ea9a72");
Zeile gelöscht : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxps://websearch.ask.com\", [...]
Zeile gelöscht : user_pref("extensions.asktb.if", "first");
Zeile gelöscht : user_pref("extensions.asktb.keyword-toggled-in-session", false);
Zeile gelöscht : user_pref("extensions.asktb.l", "dis");
Zeile gelöscht : user_pref("extensions.asktb.last-config-req", "1410356295718");
Zeile gelöscht : user_pref("extensions.asktb.last-v", "3.14.0.100010");
Zeile gelöscht : user_pref("extensions.asktb.locale", "de_DE");
Zeile gelöscht : user_pref("extensions.asktb.location", "Berlin,Germany");
Zeile gelöscht : user_pref("extensions.asktb.new-tab-opt-out", true);
Zeile gelöscht : user_pref("extensions.asktb.notification-shown", true);
Zeile gelöscht : user_pref("extensions.asktb.o", "100000080");
Zeile gelöscht : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Zeile gelöscht : user_pref("extensions.asktb.qsrc", "2871");
Zeile gelöscht : user_pref("extensions.asktb.r", "20");
Zeile gelöscht : user_pref("extensions.asktb.sa", "NO");
Zeile gelöscht : user_pref("extensions.asktb.search-suggestions-enabled", true);
Zeile gelöscht : user_pref("extensions.asktb.silent-upgrade", true);
Zeile gelöscht : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Zeile gelöscht : user_pref("extensions.asktb.themeid", "");
Zeile gelöscht : user_pref("extensions.asktb.to", "");
Zeile gelöscht : user_pref("extensions.asktb.v", "3.14.0.100015");

[ Datei : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\96gqb7pq.default\prefs.js ]


-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [17283 octets] - [10/09/2014 15:49:00]
AdwCleaner[S0].txt - [17221 octets] - [10/09/2014 15:59:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17282 octets] ##########
         


So, jetzt wurds blöd: MBAM hat gesucht und gefunden. Aber die Suchlauf-Datei war leer. Als ich einfach versuchte zu exportieren, ist jedes Mal das Programm abgestürzt. Hab alles Mögliche versucht, Neustarten, Deinstallieren und wieder installieren, neuer Suchlauf. Hat alles nichts gebracht. Daher hier mal zumindest die MBAM-"Schutz"datei

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 10.09.2014 16:06:42, SYSTEM, ANTJE, Protection, Malware Protection, Starting, 
Protection, 10.09.2014 16:06:42, SYSTEM, ANTJE, Protection, Malware Protection, Started, 
Protection, 10.09.2014 16:06:42, SYSTEM, ANTJE, Protection, Malicious Website Protection, Starting, 
Update, 10.09.2014 16:06:44, SYSTEM, ANTJE, Manual, Rootkit Database, 2014.2.20.1, 2014.8.21.1, 
Update, 10.09.2014 16:07:16, SYSTEM, ANTJE, Manual, Malware Database, 2014.3.4.9, 2014.9.10.5, 
Protection, 10.09.2014 16:07:17, SYSTEM, ANTJE, Protection, Refresh, Starting, 
Protection, 10.09.2014 16:07:28, SYSTEM, ANTJE, Protection, Malicious Website Protection, Started, 
Protection, 10.09.2014 16:07:28, SYSTEM, ANTJE, Protection, Malicious Website Protection, Stopping, 
Protection, 10.09.2014 16:07:28, SYSTEM, ANTJE, Protection, Malicious Website Protection, Stopped, 
Protection, 10.09.2014 16:07:33, SYSTEM, ANTJE, Protection, Refresh, Success, 
Protection, 10.09.2014 16:07:33, SYSTEM, ANTJE, Protection, Malicious Website Protection, Starting, 
Protection, 10.09.2014 16:07:34, SYSTEM, ANTJE, Protection, Malicious Website Protection, Started, 
Protection, 10.09.2014 16:26:55, SYSTEM, ANTJE, Protection, Malware Protection, Starting, 
Protection, 10.09.2014 16:26:55, SYSTEM, ANTJE, Protection, Malware Protection, Started, 
Protection, 10.09.2014 16:26:55, SYSTEM, ANTJE, Protection, Malicious Website Protection, Starting, 
Protection, 10.09.2014 16:28:22, SYSTEM, ANTJE, Protection, Malicious Website Protection, Started, 
Protection, 10.09.2014 16:36:04, SYSTEM, ANTJE, Protection, Malware Protection, Starting, 
Protection, 10.09.2014 16:36:04, SYSTEM, ANTJE, Protection, Malware Protection, Started, 
Protection, 10.09.2014 16:36:04, SYSTEM, ANTJE, Protection, Malicious Website Protection, Starting, 
Protection, 10.09.2014 16:38:19, SYSTEM, ANTJE, Protection, Malicious Website Protection, Started, 
Protection, 10.09.2014 16:42:05, SYSTEM, ANTJE, Protection, Malicious Website Protection, Stopping, 
Protection, 10.09.2014 16:42:05, SYSTEM, ANTJE, Protection, Malicious Website Protection, Stopped, 
Protection, 10.09.2014 16:42:05, SYSTEM, ANTJE, Protection, Malware Protection, Stopping, 
Protection, 10.09.2014 16:42:12, SYSTEM, ANTJE, Protection, Malware Protection, Stopped, 
Protection, 10.09.2014 16:44:30, SYSTEM, ANTJE, Protection, Malware Protection, Starting, 
Protection, 10.09.2014 16:44:30, SYSTEM, ANTJE, Protection, Malware Protection, Started, 
Protection, 10.09.2014 16:44:30, SYSTEM, ANTJE, Protection, Malicious Website Protection, Starting, 
Protection, 10.09.2014 16:44:30, SYSTEM, ANTJE, Protection, Malicious Website Protection, Started, 
Update, 10.09.2014 16:44:32, SYSTEM, ANTJE, Manual, Rootkit Database, 2014.2.20.1, 2014.8.21.1, 
Update, 10.09.2014 16:45:03, SYSTEM, ANTJE, Manual, Malware Database, 2014.3.4.9, 2014.9.10.6, 
Protection, 10.09.2014 16:45:04, SYSTEM, ANTJE, Protection, Refresh, Starting, 
Protection, 10.09.2014 16:45:04, SYSTEM, ANTJE, Protection, Malicious Website Protection, Stopping, 
Protection, 10.09.2014 16:45:04, SYSTEM, ANTJE, Protection, Malicious Website Protection, Stopped, 
Protection, 10.09.2014 16:45:09, SYSTEM, ANTJE, Protection, Refresh, Success, 
Protection, 10.09.2014 16:45:09, SYSTEM, ANTJE, Protection, Malicious Website Protection, Starting, 
Protection, 10.09.2014 16:45:10, SYSTEM, ANTJE, Protection, Malicious Website Protection, Started, 
Protection, 10.09.2014 16:45:45, SYSTEM, ANTJE, Protection, Malicious Website Protection, Stopping, 
Protection, 10.09.2014 16:45:45, SYSTEM, ANTJE, Protection, Malicious Website Protection, Stopped, 
Protection, 10.09.2014 16:45:45, SYSTEM, ANTJE, Protection, Malware Protection, Stopping, 
Protection, 10.09.2014 16:45:45, SYSTEM, ANTJE, Protection, Malware Protection, Stopped, 
Protection, 10.09.2014 16:49:59, SYSTEM, ANTJE, Protection, Malware Protection, Starting, 
Protection, 10.09.2014 16:49:59, SYSTEM, ANTJE, Protection, Malware Protection, Started, 
Protection, 10.09.2014 16:49:59, SYSTEM, ANTJE, Protection, Malicious Website Protection, Starting, 
Update, 10.09.2014 16:50:01, SYSTEM, ANTJE, Manual, Rootkit Database, 2014.2.20.1, 2014.8.21.1, 
Update, 10.09.2014 16:50:32, SYSTEM, ANTJE, Manual, Malware Database, 2014.3.4.9, 2014.9.10.6, 
Protection, 10.09.2014 16:50:33, SYSTEM, ANTJE, Protection, Refresh, Starting, 
Protection, 10.09.2014 16:50:57, SYSTEM, ANTJE, Protection, Malicious Website Protection, Started, 
Protection, 10.09.2014 16:50:57, SYSTEM, ANTJE, Protection, Malicious Website Protection, Stopping, 
Protection, 10.09.2014 16:50:57, SYSTEM, ANTJE, Protection, Malicious Website Protection, Stopped, 
Protection, 10.09.2014 16:51:02, SYSTEM, ANTJE, Protection, Refresh, Success, 
Protection, 10.09.2014 16:51:02, SYSTEM, ANTJE, Protection, Malicious Website Protection, Starting, 
Protection, 10.09.2014 16:51:02, SYSTEM, ANTJE, Protection, Malicious Website Protection, Started, 

(end)
         
und die .xml-Version der Suchlauf-Datei:

Code:
ATTFilter
2014/09/10 16:08:02 +0200 mbam-log-2014-09-10 (16-08-00).xml yes  2.00.2.1012 v2014.09.10.05 v2014.08.21.01 trial enabled enabled disabled  Windows 7 Service Pack 1 x86 ANTJEKRAMER NTFS  threat completed 352302 786 0 0 2 2 0 1 0 0  enabled enabled enabled enabled disabled disabled enabled enabled enabled  HKU\S-1-5-21-2254722259-2390501912-3981444591-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D4027C7F-154A-4066-A1AD-4243D8127440}PUP.Optional.FrostwireTB.Asuccessf20b02e9d6a5bf77be61ab129072d22e HKU\S-1-5-21-2254722259-2390501912-3981444591-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D4027C7F-154A-4066-A1AD-4243D8127440}PUP.Optional.FrostwireTB.Asuccessf20b02e9d6a5bf77be61ab129072d22e HKU\S-1-5-21-2254722259-2390501912-3981444591-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER{D4027C7F-154A-4066-A1AD-4243D8127440}PUP.Optional.FrostwireTB.Asuccess
         
hab jetzt aber trotzdem weitergemacht im Programm...


JRT:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x86
Ran by ANTJEKRAMER on 10.09.2014 at 16:57:12,25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\ANTJEKRAMER\appdata\locallow\boost_interprocess"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\ANTJEKRAMER\AppData\Roaming\mozilla\firefox\profiles\clcl7imp.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
Emptied folder: C:\Users\ANTJEKRAMER\AppData\Roaming\mozilla\firefox\profiles\clcl7imp.default\minidumps [290 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.09.2014 at 17:00:30,16
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-09-2014
Ran by ANTJEKRAMER (administrator) on ANTJE on 10-09-2014 17:06:22
Running from C:\Users\ANTJEKRAMER\Desktop
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\Windows\System32\CTSVCCDA.EXE
(Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTDevSrv.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPRO\TemproTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Creative Technology Ltd.) C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() C:\Users\ANTJEKRAMER\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files\Toshiba TEMPRO\TemproTray.exe [1050000 2009-10-15] (Toshiba Europe GmbH)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-08] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7858720 2009-10-21] (Realtek Semiconductor)
HKLM\...\Run: [SVPWUTIL] => C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2009-08-12] (TOSHIBA)
HKLM\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [425984 2009-06-02] (TOSHIBA Electronics, Inc.)
HKLM\...\Run: [KeNotify] => C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34088 2009-01-13] (TOSHIBA CORPORATION)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [480608 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [55160 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [521528 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [738616 2009-11-10] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1586472 2009-10-15] (Synaptics Incorporated)
HKLM\...\Run: [TWebCamera] => C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2009-11-21] (TOSHIBA CORPORATION.)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [163840 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [611672 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [ToshibaServiceStation] => C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1328480 2009-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [611672 2009-11-10] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [29528 2009-11-30] (TOSHIBA Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [198032 2011-10-21] (Lavasoft)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe [7642432 2014-08-27] ()
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
HKU\.DEFAULT\...\Run: [TOSHIBA Online Product Information] => C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\.DEFAULT\...\Winlogon: [Userinit] [[%%INSTALLTIME%%]]
HKU\.DEFAULT\...\Winlogon: [Shell] [[%%INSTALLTIME%%]] <==== ATTENTION 
HKU\S-1-5-19\...\Winlogon: [Userinit] [[%%INSTALLTIME%%]]
HKU\S-1-5-19\...\Winlogon: [Shell] [[%%INSTALLTIME%%]] <==== ATTENTION 
HKU\S-1-5-20\...\Winlogon: [Userinit] [[%%INSTALLTIME%%]]
HKU\S-1-5-20\...\Winlogon: [Shell] [[%%INSTALLTIME%%]] <==== ATTENTION 
HKU\S-1-5-21-2254722259-2390501912-3981444591-1000\...\Run: [CTZDetec.exe] => C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe [368640 2008-04-24] (Creative Technology Ltd.)
HKU\S-1-5-21-2254722259-2390501912-3981444591-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2254722259-2390501912-3981444591-1000\...\Run: [Amazon Cloud Player] => C:\Users\ANTJEKRAMER\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
Startup: C:\Users\ANTJEKRAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\firefox.lnk
ShortcutTarget: firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - {067F90BA-8380-42AD-A44C-56320425566A} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibade-win7-ie-search-21&index=blended&linkCode=ur2
SearchScopes: HKCU - {E7F8E38E-F304-4B3D-A235-CD13DC20EAA9} URL = hxxp://rover.ebay.com/rover/1/707-44556-9400-9/4?satitle={searchTerms}
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\ANTJEKRAMER\AppData\Roaming\Mozilla\Firefox\Profiles\clcl7imp.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\ANTJEKRAMER\AppData\Roaming\Mozilla\Firefox\Profiles\clcl7imp.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-03-26]
FF Extension: Avira Browser Safety - C:\Users\ANTJEKRAMER\AppData\Roaming\Mozilla\Firefox\Profiles\clcl7imp.default\Extensions\abs@avira.com [2014-08-31]
FF Extension: Garmin Communicator - C:\Users\ANTJEKRAMER\AppData\Roaming\Mozilla\Firefox\Profiles\clcl7imp.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-03-08]
FF Extension: YouTube Unblocker - C:\Users\ANTJEKRAMER\AppData\Roaming\Mozilla\Firefox\Profiles\clcl7imp.default\Extensions\youtubeunblocker@unblocker.yt.xpi [2013-06-01]

Chrome: 
=======
CHR CustomProfile: C:\Users\ANTJEKRAMER\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 cfWiMAXService; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [185712 2009-10-27] (TOSHIBA CORPORATION)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
R2 Creative Service for CDROM Access; C:\Windows\system32\CTsvcCDA.EXE [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 CTDevice_Srv; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [61440 2007-04-02] (Creative Technology Ltd) [File not signed]
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200 2013-09-19] (Garmin Ltd or its subsidiaries)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [655864 2014-08-27] ()
R2 LMS; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 TemproMonitoringService; C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [116104 2009-10-15] (Toshiba Europe GmbH)
R3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [51512 2009-10-06] (TOSHIBA Corporation)
R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [185712 2009-09-28] (TOSHIBA Corporation)
R3 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [111960 2009-11-05] (TOSHIBA Corporation)
R3 TPCHSrv; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [677232 2009-11-10] (TOSHIBA Corporation)
R2 UNS; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [38400 2009-03-02] (Samsung Electronics Co., Ltd.) [File not signed]
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [165744 2014-04-22] (BitDefender LLC)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
S3 Lavasoft Kernexplorer; C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [15232 2012-06-17] ()
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [36208 2009-07-30] (COMPAL ELECTRONIC INC.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-09-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R2 PfModNT; C:\Windows\system32\drivers\PfModNT.sys [71596 2004-06-03] (Creative Technology Ltd.) [File not signed]
R3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [24064 2009-06-22] (TOSHIBA Corporation)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [157536 2009-05-20] (Realtek Semiconductor Corp.)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2009-03-02] (Samsung Electronics) [File not signed]
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [360376 2014-04-22] (BitDefender S.R.L.)
R2 TVALZFL; C:\Windows\System32\DRIVERS\TVALZFL.sys [12920 2009-06-19] (TOSHIBA Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\ANTJEK~1\AppData\Local\Temp\catchme.sys [X]
S3 FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-10 17:05 - 2014-09-10 17:06 - 00020552 _____ () C:\Users\ANTJEKRAMER\Desktop\FRST.txt
2014-09-10 17:00 - 2014-09-10 17:00 - 00001274 _____ () C:\Users\ANTJEKRAMER\Desktop\JRT.txt
2014-09-10 16:54 - 2014-09-10 16:54 - 00000000 ____D () C:\Windows\ERUNT
2014-09-10 16:53 - 2014-09-10 16:53 - 01016261 _____ (Thisisu) C:\Users\ANTJEKRAMER\Desktop\JRT.exe
2014-09-10 16:52 - 2014-09-10 16:52 - 00002906 _____ () C:\Users\ANTJEKRAMER\Desktop\mbam.Xml
2014-09-10 16:51 - 2014-09-10 16:51 - 00005048 _____ () C:\Users\ANTJEKRAMER\Desktop\mbam_schutz.txt
2014-09-10 16:49 - 2014-09-10 16:58 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-10 16:49 - 2014-09-10 16:49 - 00001031 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-10 16:49 - 2014-09-10 16:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-10 16:49 - 2014-09-10 16:49 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-09-10 16:49 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-10 16:49 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-10 16:49 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-10 16:42 - 2014-09-10 16:43 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\ANTJEKRAMER\Desktop\mbam-setup-2.0.2.1012.exe
2014-09-10 16:06 - 2014-09-10 16:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-10 15:48 - 2014-09-10 15:59 - 00000000 ____D () C:\AdwCleaner
2014-09-10 15:48 - 2014-09-10 15:48 - 01370483 _____ () C:\Users\ANTJEKRAMER\Desktop\adwcleaner_3.309.exe
2014-09-09 19:09 - 2014-09-09 19:09 - 00022457 _____ () C:\ComboFix.txt
2014-09-09 18:45 - 2014-09-09 19:09 - 00000000 ____D () C:\Qoobox
2014-09-09 18:45 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-09 18:45 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-09 18:45 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-09 18:45 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-09 18:45 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-09 18:45 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-09 18:45 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-09 18:45 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-09 18:44 - 2014-09-09 19:08 - 00000000 ____D () C:\Windows\erdnt
2014-09-09 18:41 - 2014-09-09 18:41 - 05576885 ____R (Swearware) C:\Users\ANTJEKRAMER\Desktop\ComboFix.exe
2014-09-09 18:20 - 2014-09-10 17:06 - 00000000 ____D () C:\FRST
2014-09-09 18:19 - 2014-09-09 18:19 - 01097728 _____ (Farbar) C:\Users\ANTJEKRAMER\Desktop\FRST.exe
2014-09-08 21:05 - 2014-09-08 21:05 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-09-08 20:44 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-08 20:44 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-08 20:44 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-08 20:44 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-08 20:33 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-08 20:33 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-08 20:33 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-08 20:33 - 2014-07-25 15:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-08 20:33 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-08 20:33 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-08 20:33 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-08 20:33 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-08 20:33 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-08 20:33 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-08 20:33 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-08 20:33 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-08 20:33 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-08 20:33 - 2014-07-25 14:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-08 20:33 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-08 20:33 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-08 20:33 - 2014-07-25 13:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-08 20:33 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-08 20:33 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-08 20:33 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-08 20:33 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-08 20:33 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-08 20:33 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-08 20:33 - 2014-07-25 13:09 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-08 20:33 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-08 20:33 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-08 20:33 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-08 20:33 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-08 20:33 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-08 20:33 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-08 20:33 - 2014-07-14 03:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-08 20:33 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-08 20:33 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-09-08 20:33 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-09-08 20:32 - 2014-08-23 03:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-08 20:32 - 2014-08-23 02:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-08 20:31 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-08 20:31 - 2014-06-03 11:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-08 20:31 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-08 20:31 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-08 20:31 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-08 20:29 - 2014-08-07 03:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-08 20:29 - 2014-08-07 03:39 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-08 20:29 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-08 20:12 - 2014-09-08 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-09-08 20:09 - 2014-09-08 20:09 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-09-08 19:57 - 2014-09-08 19:57 - 02806920 _____ () C:\Users\ANTJEKRAMER\Downloads\Adaware_Installer(1).exe
2014-08-31 15:21 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-31 15:21 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-31 15:21 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-31 15:21 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-31 15:20 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-31 15:20 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-31 15:20 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-31 15:19 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-31 15:19 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-10 17:06 - 2014-09-10 17:05 - 00020552 _____ () C:\Users\ANTJEKRAMER\Desktop\FRST.txt
2014-09-10 17:06 - 2014-09-09 18:20 - 00000000 ____D () C:\FRST
2014-09-10 17:04 - 2011-02-13 18:01 - 00000000 ____D () C:\Users\ANTJEKRAMER\AppData\Roaming\Skype
2014-09-10 17:03 - 2009-07-14 06:34 - 00019248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-10 17:03 - 2009-07-14 06:34 - 00019248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-10 17:00 - 2014-09-10 17:00 - 00001274 _____ () C:\Users\ANTJEKRAMER\Desktop\JRT.txt
2014-09-10 16:59 - 2011-01-05 21:06 - 01429120 _____ () C:\Windows\WindowsUpdate.log
2014-09-10 16:58 - 2014-09-10 16:49 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-10 16:56 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-10 16:56 - 2009-07-14 06:39 - 00164406 _____ () C:\Windows\setupact.log
2014-09-10 16:54 - 2014-09-10 16:54 - 00000000 ____D () C:\Windows\ERUNT
2014-09-10 16:53 - 2014-09-10 16:53 - 01016261 _____ (Thisisu) C:\Users\ANTJEKRAMER\Desktop\JRT.exe
2014-09-10 16:52 - 2014-09-10 16:52 - 00002906 _____ () C:\Users\ANTJEKRAMER\Desktop\mbam.Xml
2014-09-10 16:51 - 2014-09-10 16:51 - 00005048 _____ () C:\Users\ANTJEKRAMER\Desktop\mbam_schutz.txt
2014-09-10 16:49 - 2014-09-10 16:49 - 00001031 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-10 16:49 - 2014-09-10 16:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-10 16:49 - 2014-09-10 16:49 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-09-10 16:43 - 2014-09-10 16:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\ANTJEKRAMER\Desktop\mbam-setup-2.0.2.1012.exe
2014-09-10 16:26 - 2012-10-19 17:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-10 16:18 - 2012-10-19 17:51 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-10 16:18 - 2011-05-15 18:25 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-10 16:06 - 2014-09-10 16:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-10 16:00 - 2009-12-07 12:02 - 00715352 _____ () C:\Windows\PFRO.log
2014-09-10 15:59 - 2014-09-10 15:48 - 00000000 ____D () C:\AdwCleaner
2014-09-10 15:48 - 2014-09-10 15:48 - 01370483 _____ () C:\Users\ANTJEKRAMER\Desktop\adwcleaner_3.309.exe
2014-09-10 15:42 - 2013-04-17 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-09 19:09 - 2014-09-09 19:09 - 00022457 _____ () C:\ComboFix.txt
2014-09-09 19:09 - 2014-09-09 18:45 - 00000000 ____D () C:\Qoobox
2014-09-09 19:09 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default
2014-09-09 19:09 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-09-09 19:08 - 2014-09-09 18:44 - 00000000 ____D () C:\Windows\erdnt
2014-09-09 19:03 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2014-09-09 19:01 - 2009-07-14 04:03 - 63700992 _____ () C:\Windows\system32\config\software.bak
2014-09-09 19:01 - 2009-07-14 04:03 - 21757952 _____ () C:\Windows\system32\config\system.bak
2014-09-09 19:01 - 2009-07-14 04:03 - 00524288 _____ () C:\Windows\system32\config\default.bak
2014-09-09 19:01 - 2009-07-14 04:03 - 00061440 _____ () C:\Windows\system32\config\sam.bak
2014-09-09 19:01 - 2009-07-14 04:03 - 00028672 _____ () C:\Windows\system32\config\security.bak
2014-09-09 18:41 - 2014-09-09 18:41 - 05576885 ____R (Swearware) C:\Users\ANTJEKRAMER\Desktop\ComboFix.exe
2014-09-09 18:19 - 2014-09-09 18:19 - 01097728 _____ (Farbar) C:\Users\ANTJEKRAMER\Desktop\FRST.exe
2014-09-09 16:07 - 2013-04-17 12:50 - 00000000 ____D () C:\Program Files\Avira
2014-09-09 16:07 - 2013-03-08 19:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-09 10:13 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-09-08 21:58 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-08 21:13 - 2012-05-08 11:50 - 00000000 ____D () C:\Program Files\Google
2014-09-08 21:05 - 2014-09-08 21:05 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-09-08 21:05 - 2011-02-13 18:01 - 00000000 ____D () C:\ProgramData\Skype
2014-09-08 20:58 - 2011-01-05 21:25 - 00000000 ___RD () C:\Users\ANTJEKRAMER\Eigene Musik
2014-09-08 20:56 - 2009-07-14 06:33 - 00420584 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-08 20:53 - 2014-05-06 18:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-08 20:53 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-09-08 20:52 - 2009-12-07 12:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-08 20:50 - 2013-08-26 21:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-08 20:47 - 2011-01-14 21:40 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-08 20:12 - 2014-09-08 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-09-08 20:09 - 2014-09-08 20:09 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-09-08 20:01 - 2011-01-05 21:25 - 00000000 ____D () C:\Users\ANTJEKRAMER
2014-09-08 19:57 - 2014-09-08 19:57 - 02806920 _____ () C:\Users\ANTJEKRAMER\Downloads\Adaware_Installer(1).exe
2014-08-31 15:27 - 2012-03-09 19:59 - 00000000 ____D () C:\ProgramData\Avira
2014-08-25 06:53 - 2011-01-06 19:26 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 03:46 - 2014-09-08 20:32 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 02:42 - 2014-09-08 20:32 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

Some content of TEMP:
====================
C:\Users\ANTJEKRAMER\AppData\Local\temp\avgnt.exe
C:\Users\ANTJEKRAMER\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-09 10:02

==================== End Of Log ============================
         
--- --- ---



Additional:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-09-2014
Ran by ANTJEKRAMER at 2014-09-10 17:06:55
Running from C:\Users\ANTJEKRAMER\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Ad-Aware Antivirus (HKLM\...\{30EA2BAC-C89C-4EAE-BDCF-8C7C8DDB79B1}_AdAwareUpdater) (Version: 11.3.6321.0 - Lavasoft)
Ad-Aware Browsing Protection (HKLM\...\Ad-Aware Browsing Protection) (Version: 0.9.0.2 - Lavasoft)
AdAwareInstaller (Version: 11.3.6321.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.3.6321.0 - Lavasoft) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.2.8870 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.2.8870 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
Amazon MP3-Downloader 1.0.17 (HKLM\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{327302DA-42B3-CF80-A242-E7E16FB6BB91}) (Version: 3.0.741.0 - ATI Technologies, Inc.)
Audible Download Manager (HKLM\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
AudibleManager (HKLM\...\AudibleManager) (Version: 2000050912.48.56.27725034 - Audible, Inc.)
Avira (HKLM\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CanoScan Toolbox Ver4.6 (HKLM\...\{088A077A-8028-408C-AE7B-4512AE2A65A0}) (Version:  - )
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (Version: 2009.0908.2225.38429 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2009.0908.2225.38429 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2009.0908.2225.38429 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2009.0908.2225.38429 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2009.0908.2225.38429 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2009.0908.2225.38429 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2009.0908.2225.38429 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2009.0908.2225.38429 - ATI) Hidden
CCC Help Chinese Standard (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Czech (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Danish (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Dutch (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help English (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Finnish (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help French (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help German (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Greek (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Hungarian (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Italian (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Japanese (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Korean (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Norwegian (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Polish (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Portuguese (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Russian (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Spanish (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Swedish (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Thai (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Turkish (Version: 2009.0908.2224.38429 - ATI) Hidden
ccc-core-static (Version: 2009.0908.2225.38429 - Ihr Firmenname) Hidden
ccc-utility (Version: 2009.0908.2225.38429 - ATI) Hidden
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Creative Jukebox Driver (HKLM\...\Creative Jukebox Driver) (Version:  - )
Creative Media Lite (HKLM\...\Creative Media Lite) (Version:  - )
Creative MediaSource (HKLM\...\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}) (Version: 2.00 - )
Creative Software Update (Version: 1.00.14 - Creative Technology Ltd.) Hidden
Creative ZEN Stone-Benutzerhandbuch (HKLM\...\ZENStoneUG) (Version:  - Creative Tech)
Creative Zen Touch (HKLM\...\{1103112B-513D-4DEF-96B4-9889774E0118}) (Version: 1.0 - )
Creative-Systeminformationen (HKLM\...\SysInfo) (Version:  - )
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Elevated Installer (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
FOTOParadies (HKLM\...\{FD838798-E2CB-45FA-AF79-6011519031E2}}_is1) (Version: 3.5.7.5 - Foto Online Service GmbH)
Garmin Express (HKLM\...\{9471d6bd-67a9-40f6-a420-2ae4f08ef003}) (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
iTunes (HKLM\...\{C8EBB0DE-5655-4D32-99E1-9447E702A89F}) (Version: 11.1.2.32 - Apple Inc.)
Java(TM) 6 Update 14 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216014FF}) (Version: 6.0.140 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mein CEWE FOTOBUCH (HKLM\...\Mein CEWE FOTOBUCH) (Version: 5.1.5 - CEWE Stiftung u Co. KGaA)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.1 - F.J. Wechselberger)
Nikon Message Center (HKLM\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Transfer (HKLM\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.1.1 - Nikon)
PDF24 Creator 5.2.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.1.2 - Nikon)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5964 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.4.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.11.0 - Synaptics Incorporated)
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.12 - TOSHIBA)
TOSHIBA Bulletin Board (HKLM\...\InstallShield_{6B81F4D9-A640-4081-A01D-7CB37F5DF4A4}) (Version: 1.5.06.32 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 1.5.06.32 - TOSHIBA Corporation) Hidden
TOSHIBA ConfigFree (HKLM\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.25 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.1.06-A - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}) (Version: 1.1.12.0 - TOSHIBA Corporation)
TOSHIBA eco Utility (Version: 1.1.12.0 - TOSHIBA Corporation) Hidden
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - Toshiba)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00 - Toshiba) Hidden
TOSHIBA Face Recognition (HKLM\...\InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}) (Version: 3.1.3.32 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.3.32 - TOSHIBA Corporation) Hidden
TOSHIBA Flash Cards Support Utility (HKLM\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.4C - TOSHIBA CORPORATION)
TOSHIBA Flash Cards Support Utility (Version: 1.63.0.4C - TOSHIBA CORPORATION) Hidden
TOSHIBA Hardware Setup (HKLM\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.16C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (Version: 1.63.0.16C - TOSHIBA CORPORATION) Hidden
TOSHIBA HDD/SSD Alert (HKLM\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.0.4 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.0.4 - TOSHIBA Corporation) Hidden
Toshiba Manuals (HKLM\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.00 - TOSHIBA)
Toshiba Online Product Information (HKLM\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 2.08.0001 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.5.1.0 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM\...\InstallShield_{921F22A4-290B-4B6C-9E8E-B50B58F18ED0}) (Version: 1.5.08.32 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.5.08.32 - TOSHIBA Corporation) Hidden
TOSHIBA Service Station (HKLM\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
TOSHIBA Supervisor Password (Version: 1.63.0.7C - TOSHIBA CORPORATION) Hidden
TOSHIBA Supervisorkennwort (HKLM\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.7C - TOSHIBA CORPORATION)
Toshiba TEMPRO (HKLM\...\{14555947-6F14-421F-8F61-6489E0FDFAE5}) (Version: 3.08 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.2.34 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.2.34 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.9 - TOSHIBA Corporation)
TRORMCLauncher (HKLM\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: 1.0.0.9 - TOSHIBA)
TRORMCLauncher (Version: 1.0.0.9 - TOSHIBA) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{052CA271-6C3E-4B8F-9EEE-CEA84BC901DC}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CA2F3DF8-C8AE-4933-92F1-FE482442F6E6}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Utility Common Driver (Version: 1.0.50.27C - TOSHIBA) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
ViewNX (HKLM\...\{F007CBCE-D714-4C0B-8CE9-9B0D78116468}) (Version: 1.1.1 - Nikon)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WildTangent-Spiele (HKLM\...\WildTangent toshiba Master Uninstall) (Version: 1.0.0.71 - WildTangent)
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{4D72E5BC-BC7C-11E0-83CA-10424824019B}\InprocServer32 -> C:\Users\ANTJEK~1\AppData\Local\ASKTOO~1\DOWNLO~1\AviraIDW.dll No File
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{595EF3BD-A186-454A-810C-02015139ACDC}\InprocServer32 -> C:\Users\ANTJEK~1\AppData\Local\ASKTOO~1\DOWNLO~1\Avira.dll No File
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{5CAA6074-C368-4FAD-A0D6-2F348355C324}\InprocServer32 -> C:\Users\ANTJEK~1\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAI~2.DLL No File
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{7F902AD4-FC6A-4B2F-8B8D-B6DD4E329B76}\InprocServer32 -> C:\Users\ANTJEK~1\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAW~1.DLL No File
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{DF846759-BE0F-4451-B9D3-4BEFF765A1FD}\InprocServer32 -> C:\Users\ANTJEK~1\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAT~1.DLL No File
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{FBE88A10-FF53-11E0-AB2A-AE904824019B}\InprocServer32 -> C:\Users\ANTJEK~1\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAI~1.DLL No File

==================== Restore Points  =========================

01-08-2014 20:06:23 Windows Update
01-08-2014 20:25:51 Windows Update
10-08-2014 17:52:08 Windows Update
31-08-2014 13:16:31 Entfernt Creative MediaSource Detector
31-08-2014 13:18:53 Windows Update
31-08-2014 13:18:58 Konfiguriert Engine Installer
31-08-2014 13:20:55 Windows-Sicherung
08-09-2014 17:59:10 AA11
08-09-2014 18:23:51 Windows Update
08-09-2014 18:35:24 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2014-09-09 19:00 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0B967E98-4F4A-40AE-B171-8C85852EEE01} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {1BA01909-43F1-46E1-803F-A22ABA4E19D0} - System32\Tasks\{79283F13-2AE4-4C8C-8849-5B6327159300} => C:\Users\ANTJEKRAMER\Downloads\B4A01dex.exe
Task: {282F9EC6-53CD-474D-87F6-66F444FAA039} - System32\Tasks\{35B5CFF1-DB37-46C7-84DF-488BAD58EF78} => C:\Program Files\Skype\\Phone\Skype.exe [2014-07-24] (Skype Technologies S.A.)
Task: {71291486-D27D-478A-AB82-2D212F8A774B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {71D01C25-F216-4C33-AE59-C4BF3FCC486B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-08] (Google Inc.)
Task: {7813C8B8-F101-4F09-A3A0-6F885586596A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-08] (Google Inc.)
Task: {8B0E9263-B6FC-47CB-B8E6-73792DE33F3B} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [2009-10-28] (TOSHIBA CORPORATION)
Task: {9FBD16D5-860C-432D-B5B1-0CE6296219E8} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2012-05-25] (Lavasoft Limited                                                      )
Task: {C572C1CD-B38D-4B0E-B392-093AA0B9818C} - \8e6d0740 No Task File <==== ATTENTION
Task: {D63CD7E5-5B48-487C-AF3C-5BE8FDF8028B} - System32\Tasks\{3BE50B50-EFD9-4B8C-954D-6292082461B3} => C:\Users\ANTJEKRAMER\Downloads\4200fvst8611a_xpen(1).exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-10-11 22:56 - 2012-10-11 22:56 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-10-11 22:56 - 2012-10-11 22:56 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-27 12:51 - 2014-08-27 12:51 - 00655864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
2014-08-27 12:55 - 2014-08-27 12:55 - 00087896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_thread-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00022360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_system-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00030040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_chrono-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00048480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_date_time-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00107872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_filesystem-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 09918800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareServiceKernel.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 02423600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\RCF.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00638296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_regex-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00580424 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareActivation.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 01643352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareApplicationUpdater.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00642376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareGamingMode.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00087360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareReset.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00105280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTime.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00747352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdater.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00693096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00865608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIgnoreList.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00206664 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareQuarantine.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00779096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiMalwareEngine.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00174936 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiRootkitEngine.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00870736 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerHistory.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 01000256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScanner.dll
2014-08-27 12:56 - 2014-08-27 12:56 - 00030552 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_timer-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00768344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerScheduler.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00868184 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareRealTimeProtection.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00190800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIncompatibles.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00703304 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiSpam.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00666448 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiPhishing.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 02359632 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareParentalControl.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 02411344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareWebProtection.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00834384 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareEmailProtection.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00999256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNetworkProtection.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePromo.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00286536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareFeedback.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 02124120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareThreatWorkAlliance.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00977216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePinCode.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNotice.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00739656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAvcEngine.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00123712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\SecurityCenter.dll
2009-09-28 15:42 - 2009-09-28 15:42 - 00525688 _____ () C:\Program Files\TOSHIBA\TECO\TecoPower.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll
2011-01-05 20:59 - 2009-10-02 14:18 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2009-05-04 11:45 - 2009-05-04 11:45 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-01-05 21:02 - 2011-01-05 21:02 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-10-18 16:20 - 2009-10-18 16:20 - 07980344 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 14:26 - 2009-11-03 14:26 - 00058680 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2009-12-07 11:56 - 2009-06-22 15:38 - 00015160 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2009-03-12 20:08 - 2009-03-12 20:08 - 00049152 _____ () C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
2006-10-07 12:57 - 2006-10-07 12:57 - 00053248 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2009-07-29 16:35 - 2009-07-29 16:35 - 00014648 _____ () C:\Program Files\Toshiba\TBS\NotifyTBS.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 07642432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
2014-08-27 12:55 - 2014-08-27 12:55 - 00405848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_locale-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 01597248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\HtmlFramework.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00056632 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\DllStorage.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00833360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTrayDefaultSkin.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00641344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\Localization.dll
2014-05-09 17:31 - 2014-05-08 19:26 - 03145536 _____ () C:\Users\ANTJEKRAMER\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-08-27 12:55 - 2014-08-27 12:55 - 02555216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareShellExtension.dll
2011-01-05 22:05 - 2010-03-15 12:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2009-11-05 10:14 - 2009-11-05 10:14 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: GamesAppService => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Nikon Monitor.lnk => C:\Windows\pss\Nikon Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ANTJEKRAMER^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Creative Detector => "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
MSCONFIG\startupreg: CTZDetec.exe => C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SoftAuto.exe => "C:\Program Files\Creative\Software Update 3\SoftAuto.exe"
MSCONFIG\startupreg: Toshiba Registration => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe
MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe

==================== Faulty Device Manager Devices =============

Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================
Error: (06/16/2011 09:36:38 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1183 seconds with 600 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 43%
Total physical RAM: 3061.61 MB
Available physical RAM: 1716.09 MB
Total Pagefile: 6121.5 MB
Available Pagefile: 4388.91 MB
Total Virtual: 2047.88 MB
Available Virtual: 1915.55 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:232.42 GB) (Free:165.04 GB) NTFS
Drive d: (Data) (Fixed) (Total:232.95 GB) (Free:88.38 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 76D98D76)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Ich hoffe, das passt so....

Danke auf jeden Fall!

Alt 11.09.2014, 10:46   #8
M-K-D-B
/// TB-Ausbilder
 
TR/Patched.Ren.Gen - Überfordert! - Standard

TR/Patched.Ren.Gen - Überfordert!



Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 3 h) dauern.
Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg.




Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
HKU\.DEFAULT\...\Winlogon: [Userinit] [[%%INSTALLTIME%%]]
HKU\.DEFAULT\...\Winlogon: [Shell] [[%%INSTALLTIME%%]] <==== ATTENTION 
HKU\S-1-5-19\...\Winlogon: [Userinit] [[%%INSTALLTIME%%]]
HKU\S-1-5-19\...\Winlogon: [Shell] [[%%INSTALLTIME%%]] <==== ATTENTION 
HKU\S-1-5-20\...\Winlogon: [Userinit] [[%%INSTALLTIME%%]]
HKU\S-1-5-20\...\Winlogon: [Shell] [[%%INSTALLTIME%%]] <==== ATTENTION 
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{4D72E5BC-BC7C-11E0-83CA-10424824019B}\InprocServer32 -> C:\Users\ANTJEK~1\AppData\Local\ASKTOO~1\DOWNLO~1\AviraIDW.dll No File
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{595EF3BD-A186-454A-810C-02015139ACDC}\InprocServer32 -> C:\Users\ANTJEK~1\AppData\Local\ASKTOO~1\DOWNLO~1\Avira.dll No File
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{5CAA6074-C368-4FAD-A0D6-2F348355C324}\InprocServer32 -> C:\Users\ANTJEK~1\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAI~2.DLL No File
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{7F902AD4-FC6A-4B2F-8B8D-B6DD4E329B76}\InprocServer32 -> C:\Users\ANTJEK~1\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAW~1.DLL No File
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{DF846759-BE0F-4451-B9D3-4BEFF765A1FD}\InprocServer32 -> C:\Users\ANTJEK~1\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAT~1.DLL No File
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{FBE88A10-FF53-11E0-AB2A-AE904824019B}\InprocServer32 -> C:\Users\ANTJEK~1\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAI~1.DLL No File
Task: {C572C1CD-B38D-4B0E-B392-093AA0B9818C} - \8e6d0740 No Task File <==== ATTENTION
Task: {1BA01909-43F1-46E1-803F-A22ABA4E19D0} - System32\Tasks\{79283F13-2AE4-4C8C-8849-5B6327159300} => C:\Users\ANTJEKRAMER\Downloads\B4A01dex.exe
Task: {D63CD7E5-5B48-487C-AF3C-5BE8FDF8028B} - System32\Tasks\{3BE50B50-EFD9-4B8C-954D-6292082461B3} => C:\Users\ANTJEKRAMER\Downloads\4200fvst8611a_xpen(1).exe
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset







Schritt 3
Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.





Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von ESET,
  • die Logdatei von SecurityCheck,
  • die beiden neuen Logdateien von FRST.

Alt 11.09.2014, 20:48   #9
Kapiernix
 
TR/Patched.Ren.Gen - Überfordert! - Standard

TR/Patched.Ren.Gen - Überfordert!



hey matthias,

anbei meine "ergebnisse":

FRST-Fix

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-09-2014
Ran by ANTJEKRAMER at 2014-09-11 18:12:52 Run:1
Running from C:\Users\ANTJEKRAMER\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
CloseProcesses:
HKU\.DEFAULT\...\Winlogon: [Userinit] [[%%INSTALLTIME%%]]
HKU\.DEFAULT\...\Winlogon: [Shell] [[%%INSTALLTIME%%]] <==== ATTENTION 
HKU\S-1-5-19\...\Winlogon: [Userinit] [[%%INSTALLTIME%%]]
HKU\S-1-5-19\...\Winlogon: [Shell] [[%%INSTALLTIME%%]] <==== ATTENTION 
HKU\S-1-5-20\...\Winlogon: [Userinit] [[%%INSTALLTIME%%]]
HKU\S-1-5-20\...\Winlogon: [Shell] [[%%INSTALLTIME%%]] <==== ATTENTION 
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{4D72E5BC-BC7C-11E0-83CA-10424824019B}\InprocServer32 -> C:\Users\ANTJEK~1\AppData\Local\ASKTOO~1\DOWNLO~1\AviraIDW.dll No File
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{595EF3BD-A186-454A-810C-02015139ACDC}\InprocServer32 -> C:\Users\ANTJEK~1\AppData\Local\ASKTOO~1\DOWNLO~1\Avira.dll No File
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{5CAA6074-C368-4FAD-A0D6-2F348355C324}\InprocServer32 -> C:\Users\ANTJEK~1\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAI~2.DLL No File
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{7F902AD4-FC6A-4B2F-8B8D-B6DD4E329B76}\InprocServer32 -> C:\Users\ANTJEK~1\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAW~1.DLL No File
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{DF846759-BE0F-4451-B9D3-4BEFF765A1FD}\InprocServer32 -> C:\Users\ANTJEK~1\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAT~1.DLL No File
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{FBE88A10-FF53-11E0-AB2A-AE904824019B}\InprocServer32 -> C:\Users\ANTJEK~1\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAI~1.DLL No File
Task: {C572C1CD-B38D-4B0E-B392-093AA0B9818C} - \8e6d0740 No Task File <==== ATTENTION
Task: {1BA01909-43F1-46E1-803F-A22ABA4E19D0} - System32\Tasks\{79283F13-2AE4-4C8C-8849-5B6327159300} => C:\Users\ANTJEKRAMER\Downloads\B4A01dex.exe
Task: {D63CD7E5-5B48-487C-AF3C-5BE8FDF8028B} - System32\Tasks\{3BE50B50-EFD9-4B8C-954D-6292082461B3} => C:\Users\ANTJEKRAMER\Downloads\4200fvst8611a_xpen(1).exe
EmptyTemp:
end
         
*****************

Processes closed successfully.
HKU\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}" => Key deleted successfully.
"HKCR\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}" => Key not found.
"HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{4D72E5BC-BC7C-11E0-83CA-10424824019B}" => Key deleted successfully.
"HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{595EF3BD-A186-454A-810C-02015139ACDC}" => Key deleted successfully.
"HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{5CAA6074-C368-4FAD-A0D6-2F348355C324}" => Key deleted successfully.
"HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{7F902AD4-FC6A-4B2F-8B8D-B6DD4E329B76}" => Key deleted successfully.
"HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{DF846759-BE0F-4451-B9D3-4BEFF765A1FD}" => Key deleted successfully.
"HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{FBE88A10-FF53-11E0-AB2A-AE904824019B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C572C1CD-B38D-4B0E-B392-093AA0B9818C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C572C1CD-B38D-4B0E-B392-093AA0B9818C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\8e6d0740" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1BA01909-43F1-46E1-803F-A22ABA4E19D0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BA01909-43F1-46E1-803F-A22ABA4E19D0}" => Key deleted successfully.
C:\Windows\System32\Tasks\{79283F13-2AE4-4C8C-8849-5B6327159300} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{79283F13-2AE4-4C8C-8849-5B6327159300}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D63CD7E5-5B48-487C-AF3C-5BE8FDF8028B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D63CD7E5-5B48-487C-AF3C-5BE8FDF8028B}" => Key deleted successfully.
C:\Windows\System32\Tasks\{3BE50B50-EFD9-4B8C-954D-6292082461B3} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3BE50B50-EFD9-4B8C-954D-6292082461B3}" => Key deleted successfully.
EmptyTemp: => Removed 367.8 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====
         


ESET

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=27242cf76c478c49a3c13d686ecd8c5a
# engine=20109
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-11 07:32:02
# local_time=2014-09-11 09:32:02 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 103560 162095113 0 0
# scanned=225183
# found=32
# cleaned=0
# scan_time=11135
sh=1CF888606297FFC6F2DC0D9BA54B93197328C760 ft=1 fh=fa718a4416fb98e3 vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\adawaretb\adawareDx.dll.vir"
sh=5FB6C6C4BC61EC715AF2FF71E0C4A503218461DA ft=1 fh=08f50736f4ad2a00 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\adawaretb\adawaretb.dll.vir"
sh=5578D96020FF5660E3EF230DDEA75E6A72ECAA32 ft=1 fh=c71c001169491fb0 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\adawaretb\dtUser.exe.vir"
sh=060B186815EE45577877137FFB1AAC4CD95884C0 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Plus-HD-2.2\33036.crx.vir"
sh=51FCB9E08E84FECF929EFF239B7490F511D96752 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Plus-HD-2.2\33036.xpi.vir"
sh=714D4E30D9D4066DEC1BA2C91625D7B685B990CF ft=1 fh=300c30ab444f1480 vn="Win32/Toolbar.CrossRider.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Plus-HD-2.2\utils.exe.vir"
sh=FF28E21E32CAD198B64852130ACA1C19A05067DC ft=1 fh=cd51d5272c5878fb vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\LocalLow\adawaretb\adawareDx.dll.vir"
sh=32D60DAEFF549FDAD23B2F9D5D311708B130C322 ft=1 fh=1b9f47df6137f750 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\LocalLow\adawaretb\adawaretb.dll.vir"
sh=13140FCCCBAA29328B0A85FA4025587A41592E86 ft=1 fh=35424f93784fbad1 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\LocalLow\adawaretb\dtUser.exe.vir"
sh=46D2B5A35BCFAAE17B5F3BEC5206579F201B3B60 ft=0 fh=0000000000000000 vn="JS/Agent.NNS Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\96gqb7pq.default\Cache\0\00\3CD53d01"
sh=5578D96020FF5660E3EF230DDEA75E6A72ECAA32 ft=1 fh=c71c001169491fb0 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\96gqb7pq.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\dtUser.exe"
sh=99B6C5FC1035F69E768E768AC7AAD1E691C2F236 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="D:\ANTJE\Backup Set 2011-04-30 192804\Backup Files 2011-06-05 102207\Backup files 1.zip"
sh=90ABA3F4AFC5CAFAE681A290B2047F87EB670A36 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="D:\ANTJE\Backup Set 2011-08-01 114420\Backup Files 2011-09-01 190914\Backup files 7.zip"
sh=185E0C68F199DEFA4FEF5A03B490B25D159F6C00 ft=0 fh=0000000000000000 vn="HTML/Fraud.BD.Gen Trojaner" ac=I fn="D:\ANTJE\Backup Set 2011-08-01 114420\Backup Files 2011-11-30 201445\Backup files 2.zip"
sh=3D2F345BAEC43C86FF3BB14B0B8A0EEC4DF389C9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="D:\ANTJE\Backup Set 2011-08-01 114420\Backup Files 2011-11-30 201445\Backup files 3.zip"
sh=9CF207255F8C447A4E3E8829B3FE1D7DC770264C ft=0 fh=0000000000000000 vn="HTML/Fraud.BD.Gen Trojaner" ac=I fn="D:\ANTJE\Backup Set 2011-08-01 114420\Backup Files 2011-11-30 201445\Backup files 5.zip"
sh=BCC895AF032C6843BB33F5467080DF64CDA9CED3 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2012-03-01 183659\Backup Files 2012-03-01 183659\Backup files 1.zip"
sh=C333F0A5B389C3813B36A3B37A37C3438F3117A9 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2012-03-01 183659\Backup Files 2012-03-01 183659\Backup files 15.zip"
sh=91AAE1B23888014631494FC1502343768010FD0C ft=0 fh=0000000000000000 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2012-03-01 183659\Backup Files 2012-10-10 120010\Backup files 3.zip"
sh=A398CC1EBEAAE8C0D1D2EA52240F0D423732E0F5 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="D:\ANTJE\Backup Set 2012-03-01 183659\Backup Files 2012-10-10 120010\Backup files 5.zip"
sh=9C623BCF3704471A59C7C3BCD15A9C8E3A6F3D73 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2012-10-31 120005\Backup Files 2012-10-31 120005\Backup files 1.zip"
sh=872D5D0FE1795B0346F40E1F7631A2656208AEAD ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2012-10-31 120005\Backup Files 2012-10-31 120005\Backup files 3.zip"
sh=6E541A118AB7FA972DE5D223840174C8A2D34C2D ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2012-10-31 120005\Backup Files 2012-10-31 120005\Backup files 8.zip"
sh=FD7DA947FC849EC9891EF12C9540A8D6DB900D6B ft=0 fh=0000000000000000 vn="JS/Agent.NNS Trojaner" ac=I fn="D:\ANTJE\Backup Set 2012-10-31 120005\Backup Files 2012-11-30 142740\Backup files 2.zip"
sh=CBB1893AD3123D0197A3EC19E99EB73AF8DC90E7 ft=0 fh=0000000000000000 vn="JS/Agent.NNS Trojaner" ac=I fn="D:\ANTJE\Backup Set 2012-10-31 120005\Backup Files 2012-11-30 142740\Backup files 3.zip"
sh=F1E5090C669FE19B830D3FB4A11CC9D7529E9236 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2012-10-31 120005\Backup Files 2012-11-30 142740\Backup files 9.zip"
sh=E01210228EA29CEA1DE01141152B7F7DEB061D4F ft=0 fh=0000000000000000 vn="JS/Agent.NNS Trojaner" ac=I fn="D:\ANTJE\Backup Set 2012-10-31 120005\Backup Files 2013-01-31 130640\Backup files 11.zip"
sh=5AD3679735042805E7BBD152CA158FB210160147 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2013-02-28 190132\Backup Files 2013-02-28 190132\Backup files 1.zip"
sh=E663AB377C346C6681FA0BDC9ED54A0C28026822 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2013-02-28 190132\Backup Files 2013-02-28 190132\Backup files 17.zip"
sh=C082852948270F69DACED1CEFF48F183D9804D0B ft=0 fh=0000000000000000 vn="Variante von Win32/DealPly.M evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2013-02-28 190132\Backup Files 2013-12-31 202021\Backup files 1.zip"
sh=2C1CAF0F0E5BC6AC00A8FE03F0D6ECAB6FB6F183 ft=0 fh=0000000000000000 vn="Win32/AdWare.1ClickDownload.AT Anwendung" ac=I fn="D:\ANTJE\Backup Set 2013-02-28 190132\Backup Files 2013-12-31 202021\Backup files 3.zip"
sh=793037866030B585B16948FB8555A55594BAC6D4 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2014-03-31 171633\Backup Files 2014-03-31 171633\Backup files 1.zip"
         

SecurityCheck

Code:
ATTFilter
 Results of screen317's Security Check version 0.99.87  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Ad-Aware Antivirus   
 Antivirus out of date! (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Ad-Aware 
 Java(TM) 6 Update 14  
 Java version out of Date! 
 Adobe Flash Player 	15.0.0.152  
 Adobe Reader XI  
 Mozilla Firefox (31.0) 
````````Process Check: objlist.exe by Laurent````````  
 Ad-Aware AAWService.exe is disabled! 
 Ad-Aware AAWTray.exe is disabled! 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.3.6321.0\AdAwareService.exe 
 Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.3.6321.0\AdAwareTray.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

FRST


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-09-2014
Ran by ANTJEKRAMER (administrator) on ANTJE on 11-09-2014 21:42:03
Running from C:\Users\ANTJEKRAMER\Desktop
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\Windows\System32\CTSVCCDA.EXE
(Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTDevSrv.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPRO\TemproTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
(Creative Technology Ltd.) C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
() C:\Users\ANTJEKRAMER\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files\Toshiba TEMPRO\TemproTray.exe [1050000 2009-10-15] (Toshiba Europe GmbH)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-08] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7858720 2009-10-21] (Realtek Semiconductor)
HKLM\...\Run: [SVPWUTIL] => C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2009-08-12] (TOSHIBA)
HKLM\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [425984 2009-06-02] (TOSHIBA Electronics, Inc.)
HKLM\...\Run: [KeNotify] => C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34088 2009-01-13] (TOSHIBA CORPORATION)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [480608 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [55160 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [521528 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [738616 2009-11-10] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1586472 2009-10-15] (Synaptics Incorporated)
HKLM\...\Run: [TWebCamera] => C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2009-11-21] (TOSHIBA CORPORATION.)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [163840 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [611672 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [ToshibaServiceStation] => C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1328480 2009-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [611672 2009-11-10] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [29528 2009-11-30] (TOSHIBA Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [198032 2011-10-21] (Lavasoft)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe [7642432 2014-08-27] ()
HKLM\...\Run: [avgnt] => "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
HKU\.DEFAULT\...\Run: [TOSHIBA Online Product Information] => C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\S-1-5-21-2254722259-2390501912-3981444591-1000\...\Run: [CTZDetec.exe] => C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe [368640 2008-04-24] (Creative Technology Ltd.)
HKU\S-1-5-21-2254722259-2390501912-3981444591-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2254722259-2390501912-3981444591-1000\...\Run: [Amazon Cloud Player] => C:\Users\ANTJEKRAMER\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
Startup: C:\Users\ANTJEKRAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\firefox.lnk
ShortcutTarget: firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - {067F90BA-8380-42AD-A44C-56320425566A} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibade-win7-ie-search-21&index=blended&linkCode=ur2
SearchScopes: HKCU - {E7F8E38E-F304-4B3D-A235-CD13DC20EAA9} URL = hxxp://rover.ebay.com/rover/1/707-44556-9400-9/4?satitle={searchTerms}
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\ANTJEKRAMER\AppData\Roaming\Mozilla\Firefox\Profiles\clcl7imp.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\ANTJEKRAMER\AppData\Roaming\Mozilla\Firefox\Profiles\clcl7imp.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-03-26]
FF Extension: Avira Browser Safety - C:\Users\ANTJEKRAMER\AppData\Roaming\Mozilla\Firefox\Profiles\clcl7imp.default\Extensions\abs@avira.com [2014-08-31]
FF Extension: Garmin Communicator - C:\Users\ANTJEKRAMER\AppData\Roaming\Mozilla\Firefox\Profiles\clcl7imp.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-03-08]
FF Extension: YouTube Unblocker - C:\Users\ANTJEKRAMER\AppData\Roaming\Mozilla\Firefox\Profiles\clcl7imp.default\Extensions\youtubeunblocker@unblocker.yt.xpi [2013-06-01]

Chrome: 
=======
CHR CustomProfile: C:\Users\ANTJEKRAMER\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 cfWiMAXService; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [185712 2009-10-27] (TOSHIBA CORPORATION)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
R2 Creative Service for CDROM Access; C:\Windows\system32\CTsvcCDA.EXE [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 CTDevice_Srv; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [61440 2007-04-02] (Creative Technology Ltd) [File not signed]
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200 2013-09-19] (Garmin Ltd or its subsidiaries)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [655864 2014-08-27] ()
R2 LMS; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 TemproMonitoringService; C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [116104 2009-10-15] (Toshiba Europe GmbH)
R3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [51512 2009-10-06] (TOSHIBA Corporation)
R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [185712 2009-09-28] (TOSHIBA Corporation)
R3 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [111960 2009-11-05] (TOSHIBA Corporation)
R3 TPCHSrv; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [677232 2009-11-10] (TOSHIBA Corporation)
R2 UNS; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [38400 2009-03-02] (Samsung Electronics Co., Ltd.) [File not signed]
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [165744 2014-04-22] (BitDefender LLC)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
S3 Lavasoft Kernexplorer; C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [15232 2012-06-17] ()
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [36208 2009-07-30] (COMPAL ELECTRONIC INC.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-09-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R2 PfModNT; C:\Windows\system32\drivers\PfModNT.sys [71596 2004-06-03] (Creative Technology Ltd.) [File not signed]
R3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [24064 2009-06-22] (TOSHIBA Corporation)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [157536 2009-05-20] (Realtek Semiconductor Corp.)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2009-03-02] (Samsung Electronics) [File not signed]
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [360376 2014-04-22] (BitDefender S.R.L.)
R2 TVALZFL; C:\Windows\System32\DRIVERS\TVALZFL.sys [12920 2009-06-19] (TOSHIBA Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\ANTJEK~1\AppData\Local\Temp\catchme.sys [X]
S3 FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-11 21:42 - 2014-09-11 21:42 - 00020022 _____ () C:\Users\ANTJEKRAMER\Desktop\FRST.txt
2014-09-11 21:41 - 2014-09-11 21:41 - 00001227 _____ () C:\Users\ANTJEKRAMER\Desktop\checkup.txt
2014-09-11 21:37 - 2014-09-11 21:37 - 00854417 _____ () C:\Users\ANTJEKRAMER\Desktop\SecurityCheck.exe
2014-09-11 18:19 - 2014-09-11 18:19 - 02347384 _____ (ESET) C:\Users\ANTJEKRAMER\Desktop\esetsmartinstaller_deu.exe
2014-09-11 18:12 - 2014-09-11 18:12 - 00002151 _____ () C:\Users\ANTJEKRAMER\Documents\fixlist.txt
2014-09-10 17:49 - 2014-09-10 17:49 - 00000000 ____D () C:\Users\ANTJEKRAMER\AppData\Local\Apps\2.0
2014-09-10 16:54 - 2014-09-10 16:54 - 00000000 ____D () C:\Windows\ERUNT
2014-09-10 16:53 - 2014-09-10 16:53 - 01016261 _____ (Thisisu) C:\Users\ANTJEKRAMER\Desktop\JRT.exe
2014-09-10 16:49 - 2014-09-11 18:48 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-10 16:49 - 2014-09-10 16:49 - 00001031 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-10 16:49 - 2014-09-10 16:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-10 16:49 - 2014-09-10 16:49 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-09-10 16:49 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-10 16:49 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-10 16:49 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-10 16:06 - 2014-09-10 16:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-10 15:48 - 2014-09-10 15:59 - 00000000 ____D () C:\AdwCleaner
2014-09-10 15:48 - 2014-09-10 15:48 - 01370483 _____ () C:\Users\ANTJEKRAMER\Desktop\adwcleaner_3.309.exe
2014-09-09 19:09 - 2014-09-09 19:09 - 00022457 _____ () C:\ComboFix.txt
2014-09-09 18:45 - 2014-09-09 19:09 - 00000000 ____D () C:\Qoobox
2014-09-09 18:45 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-09 18:45 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-09 18:45 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-09 18:45 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-09 18:45 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-09 18:45 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-09 18:45 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-09 18:45 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-09 18:44 - 2014-09-09 19:08 - 00000000 ____D () C:\Windows\erdnt
2014-09-09 18:41 - 2014-09-09 18:41 - 05576885 ____R (Swearware) C:\Users\ANTJEKRAMER\Desktop\ComboFix.exe
2014-09-09 18:20 - 2014-09-11 21:42 - 00000000 ____D () C:\FRST
2014-09-09 18:19 - 2014-09-09 18:19 - 01097728 _____ (Farbar) C:\Users\ANTJEKRAMER\Desktop\FRST.exe
2014-09-08 21:05 - 2014-09-08 21:05 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-09-08 20:44 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-08 20:44 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-08 20:44 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-08 20:44 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-08 20:33 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-08 20:33 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-08 20:33 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-08 20:33 - 2014-07-25 15:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-08 20:33 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-08 20:33 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-08 20:33 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-08 20:33 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-08 20:33 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-08 20:33 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-08 20:33 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-08 20:33 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-08 20:33 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-08 20:33 - 2014-07-25 14:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-08 20:33 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-08 20:33 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-08 20:33 - 2014-07-25 13:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-08 20:33 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-08 20:33 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-08 20:33 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-08 20:33 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-08 20:33 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-08 20:33 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-08 20:33 - 2014-07-25 13:09 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-08 20:33 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-08 20:33 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-08 20:33 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-08 20:33 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-08 20:33 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-08 20:33 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-08 20:33 - 2014-07-14 03:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-08 20:33 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-08 20:33 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-09-08 20:33 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-09-08 20:32 - 2014-08-23 03:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-08 20:32 - 2014-08-23 02:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-08 20:31 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-08 20:31 - 2014-06-03 11:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-08 20:31 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-08 20:31 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-08 20:31 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-08 20:29 - 2014-08-07 03:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-08 20:29 - 2014-08-07 03:39 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-08 20:29 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-08 20:12 - 2014-09-08 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-09-08 20:09 - 2014-09-08 20:09 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-09-08 19:57 - 2014-09-08 19:57 - 02806920 _____ () C:\Users\ANTJEKRAMER\Downloads\Adaware_Installer(1).exe
2014-08-31 15:21 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-31 15:21 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-31 15:21 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-31 15:21 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-31 15:20 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-31 15:20 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-31 15:20 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-31 15:19 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-31 15:19 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-11 21:42 - 2014-09-11 21:42 - 00020022 _____ () C:\Users\ANTJEKRAMER\Desktop\FRST.txt
2014-09-11 21:42 - 2014-09-09 18:20 - 00000000 ____D () C:\FRST
2014-09-11 21:41 - 2014-09-11 21:41 - 00001227 _____ () C:\Users\ANTJEKRAMER\Desktop\checkup.txt
2014-09-11 21:37 - 2014-09-11 21:37 - 00854417 _____ () C:\Users\ANTJEKRAMER\Desktop\SecurityCheck.exe
2014-09-11 21:17 - 2012-10-19 17:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-11 20:14 - 2011-01-05 21:06 - 01541536 _____ () C:\Windows\WindowsUpdate.log
2014-09-11 18:48 - 2014-09-10 16:49 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-11 18:22 - 2009-07-14 06:34 - 00019248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-11 18:22 - 2009-07-14 06:34 - 00019248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-11 18:19 - 2014-09-11 18:19 - 02347384 _____ (ESET) C:\Users\ANTJEKRAMER\Desktop\esetsmartinstaller_deu.exe
2014-09-11 18:16 - 2011-02-13 18:01 - 00000000 ____D () C:\Users\ANTJEKRAMER\AppData\Roaming\Skype
2014-09-11 18:15 - 2009-12-07 12:02 - 00718644 _____ () C:\Windows\PFRO.log
2014-09-11 18:15 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-11 18:15 - 2009-07-14 06:39 - 00164574 _____ () C:\Windows\setupact.log
2014-09-11 18:12 - 2014-09-11 18:12 - 00002151 _____ () C:\Users\ANTJEKRAMER\Documents\fixlist.txt
2014-09-10 17:49 - 2014-09-10 17:49 - 00000000 ____D () C:\Users\ANTJEKRAMER\AppData\Local\Apps\2.0
2014-09-10 17:46 - 2011-01-05 21:46 - 00000000 ____D () C:\Users\ANTJEKRAMER\AppData\Local\Adobe
2014-09-10 17:43 - 2013-04-17 12:50 - 00000000 ____D () C:\Program Files\Avira
2014-09-10 17:43 - 2013-03-08 19:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-10 17:43 - 2012-03-09 19:59 - 00000000 ____D () C:\ProgramData\Avira
2014-09-10 17:18 - 2012-10-19 17:51 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-10 17:18 - 2011-05-15 18:25 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-10 16:54 - 2014-09-10 16:54 - 00000000 ____D () C:\Windows\ERUNT
2014-09-10 16:53 - 2014-09-10 16:53 - 01016261 _____ (Thisisu) C:\Users\ANTJEKRAMER\Desktop\JRT.exe
2014-09-10 16:49 - 2014-09-10 16:49 - 00001031 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-10 16:49 - 2014-09-10 16:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-10 16:49 - 2014-09-10 16:49 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-09-10 16:06 - 2014-09-10 16:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-10 15:59 - 2014-09-10 15:48 - 00000000 ____D () C:\AdwCleaner
2014-09-10 15:48 - 2014-09-10 15:48 - 01370483 _____ () C:\Users\ANTJEKRAMER\Desktop\adwcleaner_3.309.exe
2014-09-09 19:09 - 2014-09-09 19:09 - 00022457 _____ () C:\ComboFix.txt
2014-09-09 19:09 - 2014-09-09 18:45 - 00000000 ____D () C:\Qoobox
2014-09-09 19:09 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default
2014-09-09 19:09 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-09-09 19:08 - 2014-09-09 18:44 - 00000000 ____D () C:\Windows\erdnt
2014-09-09 19:03 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2014-09-09 19:01 - 2009-07-14 04:03 - 63700992 _____ () C:\Windows\system32\config\software.bak
2014-09-09 19:01 - 2009-07-14 04:03 - 21757952 _____ () C:\Windows\system32\config\system.bak
2014-09-09 19:01 - 2009-07-14 04:03 - 00524288 _____ () C:\Windows\system32\config\default.bak
2014-09-09 19:01 - 2009-07-14 04:03 - 00061440 _____ () C:\Windows\system32\config\sam.bak
2014-09-09 19:01 - 2009-07-14 04:03 - 00028672 _____ () C:\Windows\system32\config\security.bak
2014-09-09 18:41 - 2014-09-09 18:41 - 05576885 ____R (Swearware) C:\Users\ANTJEKRAMER\Desktop\ComboFix.exe
2014-09-09 18:19 - 2014-09-09 18:19 - 01097728 _____ (Farbar) C:\Users\ANTJEKRAMER\Desktop\FRST.exe
2014-09-09 10:13 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-09-08 21:58 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-08 21:13 - 2012-05-08 11:50 - 00000000 ____D () C:\Program Files\Google
2014-09-08 21:05 - 2014-09-08 21:05 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-09-08 21:05 - 2011-02-13 18:01 - 00000000 ____D () C:\ProgramData\Skype
2014-09-08 20:58 - 2011-01-05 21:25 - 00000000 ___RD () C:\Users\ANTJEKRAMER\Eigene Musik
2014-09-08 20:56 - 2009-07-14 06:33 - 00420584 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-08 20:53 - 2014-05-06 18:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-08 20:53 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-09-08 20:52 - 2009-12-07 12:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-08 20:50 - 2013-08-26 21:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-08 20:47 - 2011-01-14 21:40 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-08 20:12 - 2014-09-08 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-09-08 20:09 - 2014-09-08 20:09 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-09-08 20:01 - 2011-01-05 21:25 - 00000000 ____D () C:\Users\ANTJEKRAMER
2014-09-08 19:57 - 2014-09-08 19:57 - 02806920 _____ () C:\Users\ANTJEKRAMER\Downloads\Adaware_Installer(1).exe
2014-08-25 06:53 - 2011-01-06 19:26 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 03:46 - 2014-09-08 20:32 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 02:42 - 2014-09-08 20:32 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-09 10:02

==================== End Of Log ============================
         
--- --- ---



Additional

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-09-2014
Ran by ANTJEKRAMER at 2014-09-11 21:42:52
Running from C:\Users\ANTJEKRAMER\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Ad-Aware Antivirus (HKLM\...\{30EA2BAC-C89C-4EAE-BDCF-8C7C8DDB79B1}_AdAwareUpdater) (Version: 11.3.6321.0 - Lavasoft)
Ad-Aware Browsing Protection (HKLM\...\Ad-Aware Browsing Protection) (Version: 0.9.0.2 - Lavasoft)
AdAwareInstaller (Version: 11.3.6321.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.3.6321.0 - Lavasoft) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.2.8870 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.2.8870 - Adobe Systems Inc.) Hidden
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
Amazon MP3-Downloader 1.0.17 (HKLM\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{327302DA-42B3-CF80-A242-E7E16FB6BB91}) (Version: 3.0.741.0 - ATI Technologies, Inc.)
Audible Download Manager (HKLM\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
AudibleManager (HKLM\...\AudibleManager) (Version: 2000050912.48.56.27725034 - Audible, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CanoScan Toolbox Ver4.6 (HKLM\...\{088A077A-8028-408C-AE7B-4512AE2A65A0}) (Version:  - )
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (Version: 2009.0908.2225.38429 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2009.0908.2225.38429 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2009.0908.2225.38429 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2009.0908.2225.38429 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2009.0908.2225.38429 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2009.0908.2225.38429 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2009.0908.2225.38429 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2009.0908.2225.38429 - ATI) Hidden
CCC Help Chinese Standard (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Czech (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Danish (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Dutch (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help English (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Finnish (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help French (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help German (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Greek (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Hungarian (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Italian (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Japanese (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Korean (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Norwegian (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Polish (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Portuguese (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Russian (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Spanish (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Swedish (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Thai (Version: 2009.0908.2224.38429 - ATI) Hidden
CCC Help Turkish (Version: 2009.0908.2224.38429 - ATI) Hidden
ccc-core-static (Version: 2009.0908.2225.38429 - Ihr Firmenname) Hidden
ccc-utility (Version: 2009.0908.2225.38429 - ATI) Hidden
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Creative Jukebox Driver (HKLM\...\Creative Jukebox Driver) (Version:  - )
Creative Media Lite (HKLM\...\Creative Media Lite) (Version:  - )
Creative MediaSource (HKLM\...\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}) (Version: 2.00 - )
Creative Software Update (Version: 1.00.14 - Creative Technology Ltd.) Hidden
Creative ZEN Stone-Benutzerhandbuch (HKLM\...\ZENStoneUG) (Version:  - Creative Tech)
Creative Zen Touch (HKLM\...\{1103112B-513D-4DEF-96B4-9889774E0118}) (Version: 1.0 - )
Creative-Systeminformationen (HKLM\...\SysInfo) (Version:  - )
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Elevated Installer (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
FOTOParadies (HKLM\...\{FD838798-E2CB-45FA-AF79-6011519031E2}}_is1) (Version: 3.5.7.5 - Foto Online Service GmbH)
Garmin Express (HKLM\...\{9471d6bd-67a9-40f6-a420-2ae4f08ef003}) (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
iTunes (HKLM\...\{C8EBB0DE-5655-4D32-99E1-9447E702A89F}) (Version: 11.1.2.32 - Apple Inc.)
Java(TM) 6 Update 14 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216014FF}) (Version: 6.0.140 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mein CEWE FOTOBUCH (HKLM\...\Mein CEWE FOTOBUCH) (Version: 5.1.5 - CEWE Stiftung u Co. KGaA)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.1 - F.J. Wechselberger)
Nikon Message Center (HKLM\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Transfer (HKLM\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.1.1 - Nikon)
PDF24 Creator 5.2.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.1.2 - Nikon)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5964 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.4.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.11.0 - Synaptics Incorporated)
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.12 - TOSHIBA)
TOSHIBA Bulletin Board (HKLM\...\InstallShield_{6B81F4D9-A640-4081-A01D-7CB37F5DF4A4}) (Version: 1.5.06.32 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 1.5.06.32 - TOSHIBA Corporation) Hidden
TOSHIBA ConfigFree (HKLM\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.25 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.1.06-A - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}) (Version: 1.1.12.0 - TOSHIBA Corporation)
TOSHIBA eco Utility (Version: 1.1.12.0 - TOSHIBA Corporation) Hidden
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - Toshiba)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00 - Toshiba) Hidden
TOSHIBA Face Recognition (HKLM\...\InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}) (Version: 3.1.3.32 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.3.32 - TOSHIBA Corporation) Hidden
TOSHIBA Flash Cards Support Utility (HKLM\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.4C - TOSHIBA CORPORATION)
TOSHIBA Flash Cards Support Utility (Version: 1.63.0.4C - TOSHIBA CORPORATION) Hidden
TOSHIBA Hardware Setup (HKLM\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.16C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (Version: 1.63.0.16C - TOSHIBA CORPORATION) Hidden
TOSHIBA HDD/SSD Alert (HKLM\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.0.4 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.0.4 - TOSHIBA Corporation) Hidden
Toshiba Manuals (HKLM\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.00 - TOSHIBA)
Toshiba Online Product Information (HKLM\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 2.08.0001 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.5.1.0 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM\...\InstallShield_{921F22A4-290B-4B6C-9E8E-B50B58F18ED0}) (Version: 1.5.08.32 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.5.08.32 - TOSHIBA Corporation) Hidden
TOSHIBA Service Station (HKLM\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
TOSHIBA Supervisor Password (Version: 1.63.0.7C - TOSHIBA CORPORATION) Hidden
TOSHIBA Supervisorkennwort (HKLM\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.7C - TOSHIBA CORPORATION)
Toshiba TEMPRO (HKLM\...\{14555947-6F14-421F-8F61-6489E0FDFAE5}) (Version: 3.08 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.2.34 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.2.34 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.9 - TOSHIBA Corporation)
TRORMCLauncher (HKLM\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: 1.0.0.9 - TOSHIBA)
TRORMCLauncher (Version: 1.0.0.9 - TOSHIBA) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{052CA271-6C3E-4B8F-9EEE-CEA84BC901DC}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CA2F3DF8-C8AE-4933-92F1-FE482442F6E6}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Utility Common Driver (Version: 1.0.50.27C - TOSHIBA) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
ViewNX (HKLM\...\{F007CBCE-D714-4C0B-8CE9-9B0D78116468}) (Version: 1.1.1 - Nikon)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WildTangent-Spiele (HKLM\...\WildTangent toshiba Master Uninstall) (Version: 1.0.0.71 - WildTangent)
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-2254722259-2390501912-3981444591-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)

==================== Restore Points  =========================

01-08-2014 20:06:23 Windows Update
01-08-2014 20:25:51 Windows Update
10-08-2014 17:52:08 Windows Update
31-08-2014 13:16:31 Entfernt Creative MediaSource Detector
31-08-2014 13:18:53 Windows Update
31-08-2014 13:18:58 Konfiguriert Engine Installer
31-08-2014 13:20:55 Windows-Sicherung
08-09-2014 17:59:10 AA11
08-09-2014 18:23:51 Windows Update
08-09-2014 18:35:24 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2014-09-09 19:00 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0B967E98-4F4A-40AE-B171-8C85852EEE01} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {282F9EC6-53CD-474D-87F6-66F444FAA039} - System32\Tasks\{35B5CFF1-DB37-46C7-84DF-488BAD58EF78} => C:\Program Files\Skype\\Phone\Skype.exe [2014-07-24] (Skype Technologies S.A.)
Task: {71291486-D27D-478A-AB82-2D212F8A774B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {71D01C25-F216-4C33-AE59-C4BF3FCC486B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-08] (Google Inc.)
Task: {7813C8B8-F101-4F09-A3A0-6F885586596A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-08] (Google Inc.)
Task: {8B0E9263-B6FC-47CB-B8E6-73792DE33F3B} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [2009-10-28] (TOSHIBA CORPORATION)
Task: {9FBD16D5-860C-432D-B5B1-0CE6296219E8} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2012-05-25] (Lavasoft Limited                                                      )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-10-11 22:56 - 2012-10-11 22:56 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-10-11 22:56 - 2012-10-11 22:56 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-27 12:51 - 2014-08-27 12:51 - 00655864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
2014-08-27 12:55 - 2014-08-27 12:55 - 00087896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_thread-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00022360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_system-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00030040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_chrono-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00048480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_date_time-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00107872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_filesystem-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 09918800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareServiceKernel.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 02423600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\RCF.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00638296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_regex-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00580424 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareActivation.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 01643352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareApplicationUpdater.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00642376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareGamingMode.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00087360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareReset.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00105280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTime.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00747352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdater.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00693096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00865608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIgnoreList.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00206664 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareQuarantine.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00779096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiMalwareEngine.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00174936 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiRootkitEngine.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00870736 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerHistory.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 01000256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScanner.dll
2014-08-27 12:56 - 2014-08-27 12:56 - 00030552 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_timer-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00768344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerScheduler.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00868184 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareRealTimeProtection.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00190800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIncompatibles.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00703304 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiSpam.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00666448 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiPhishing.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 02359632 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareParentalControl.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 02411344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareWebProtection.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00834384 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareEmailProtection.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00999256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNetworkProtection.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePromo.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00286536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareFeedback.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 02124120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareThreatWorkAlliance.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00977216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePinCode.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNotice.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00739656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAvcEngine.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00123712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\SecurityCenter.dll
2009-09-28 15:42 - 2009-09-28 15:42 - 00525688 _____ () C:\Program Files\TOSHIBA\TECO\TecoPower.dll
2011-01-05 20:59 - 2009-10-02 14:18 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 02555216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareShellExtension.dll
2011-01-05 22:05 - 2010-03-15 12:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2009-05-04 11:45 - 2009-05-04 11:45 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-01-05 21:02 - 2011-01-05 21:02 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-10-18 16:20 - 2009-10-18 16:20 - 07980344 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 14:26 - 2009-11-03 14:26 - 00058680 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2009-12-07 11:56 - 2009-06-22 15:38 - 00015160 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2009-03-12 20:08 - 2009-03-12 20:08 - 00049152 _____ () C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
2006-10-07 12:57 - 2006-10-07 12:57 - 00053248 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2009-07-29 16:35 - 2009-07-29 16:35 - 00014648 _____ () C:\Program Files\Toshiba\TBS\NotifyTBS.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 07642432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
2014-08-27 12:55 - 2014-08-27 12:55 - 00405848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_locale-vc100-mt-1_55.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 01597248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\HtmlFramework.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00056632 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\DllStorage.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00833360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTrayDefaultSkin.dll
2014-08-27 12:55 - 2014-08-27 12:55 - 00641344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\Localization.dll
2014-05-09 17:31 - 2014-05-08 19:26 - 03145536 _____ () C:\Users\ANTJEKRAMER\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2009-11-05 10:14 - 2009-11-05 10:14 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2014-07-31 20:24 - 2014-07-31 20:24 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-09-10 17:18 - 2014-09-10 17:18 - 16825520 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: GamesAppService => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Nikon Monitor.lnk => C:\Windows\pss\Nikon Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ANTJEKRAMER^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Creative Detector => "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
MSCONFIG\startupreg: CTZDetec.exe => C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SoftAuto.exe => "C:\Program Files\Creative\Software Update 3\SoftAuto.exe"
MSCONFIG\startupreg: Toshiba Registration => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe
MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe

==================== Faulty Device Manager Devices =============

Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (09/11/2014 07:16:08 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.

Error: (09/11/2014 06:17:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (09/11/2014 06:17:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht.

Error: (09/11/2014 06:15:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
Lbd
SBRE

Error: (09/11/2014 06:15:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%20

Error: (09/11/2014 06:14:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Software Protection" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (09/11/2014 06:14:52 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "sppsvc" konnte sich nicht als "NT AUTHORITY\NetworkService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (09/11/2014 06:13:22 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (09/11/2014 06:12:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/11/2014 06:12:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management & Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (06/16/2011 09:36:38 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1183 seconds with 600 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 57%
Total physical RAM: 3061.61 MB
Available physical RAM: 1304.13 MB
Total Pagefile: 6121.5 MB
Available Pagefile: 4080.34 MB
Total Virtual: 2047.88 MB
Available Virtual: 1915.57 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:232.42 GB) (Free:163.67 GB) NTFS
Drive d: (Data) (Fixed) (Total:232.95 GB) (Free:88.38 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 76D98D76)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
lieben dank und einen schönen abend!

antje

Alt 12.09.2014, 10:13   #10
M-K-D-B
/// TB-Ausbilder
 
TR/Patched.Ren.Gen - Überfordert! - Standard

TR/Patched.Ren.Gen - Überfordert!



Mehrere deiner Backup-Dateien sind mit Adware infiziert, ggf. per Hand löschen:
Zitat:
sh=99B6C5FC1035F69E768E768AC7AAD1E691C2F236 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="D:\ANTJE\Backup Set 2011-04-30 192804\Backup Files 2011-06-05 102207\Backup files 1.zip"
sh=90ABA3F4AFC5CAFAE681A290B2047F87EB670A36 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="D:\ANTJE\Backup Set 2011-08-01 114420\Backup Files 2011-09-01 190914\Backup files 7.zip"
sh=185E0C68F199DEFA4FEF5A03B490B25D159F6C00 ft=0 fh=0000000000000000 vn="HTML/Fraud.BD.Gen Trojaner" ac=I fn="D:\ANTJE\Backup Set 2011-08-01 114420\Backup Files 2011-11-30 201445\Backup files 2.zip"
sh=3D2F345BAEC43C86FF3BB14B0B8A0EEC4DF389C9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="D:\ANTJE\Backup Set 2011-08-01 114420\Backup Files 2011-11-30 201445\Backup files 3.zip"
sh=9CF207255F8C447A4E3E8829B3FE1D7DC770264C ft=0 fh=0000000000000000 vn="HTML/Fraud.BD.Gen Trojaner" ac=I fn="D:\ANTJE\Backup Set 2011-08-01 114420\Backup Files 2011-11-30 201445\Backup files 5.zip"
sh=BCC895AF032C6843BB33F5467080DF64CDA9CED3 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2012-03-01 183659\Backup Files 2012-03-01 183659\Backup files 1.zip"
sh=C333F0A5B389C3813B36A3B37A37C3438F3117A9 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2012-03-01 183659\Backup Files 2012-03-01 183659\Backup files 15.zip"
sh=91AAE1B23888014631494FC1502343768010FD0C ft=0 fh=0000000000000000 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2012-03-01 183659\Backup Files 2012-10-10 120010\Backup files 3.zip"
sh=A398CC1EBEAAE8C0D1D2EA52240F0D423732E0F5 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="D:\ANTJE\Backup Set 2012-03-01 183659\Backup Files 2012-10-10 120010\Backup files 5.zip"
sh=9C623BCF3704471A59C7C3BCD15A9C8E3A6F3D73 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2012-10-31 120005\Backup Files 2012-10-31 120005\Backup files 1.zip"
sh=872D5D0FE1795B0346F40E1F7631A2656208AEAD ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2012-10-31 120005\Backup Files 2012-10-31 120005\Backup files 3.zip"
sh=6E541A118AB7FA972DE5D223840174C8A2D34C2D ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2012-10-31 120005\Backup Files 2012-10-31 120005\Backup files 8.zip"
sh=FD7DA947FC849EC9891EF12C9540A8D6DB900D6B ft=0 fh=0000000000000000 vn="JS/Agent.NNS Trojaner" ac=I fn="D:\ANTJE\Backup Set 2012-10-31 120005\Backup Files 2012-11-30 142740\Backup files 2.zip"
sh=CBB1893AD3123D0197A3EC19E99EB73AF8DC90E7 ft=0 fh=0000000000000000 vn="JS/Agent.NNS Trojaner" ac=I fn="D:\ANTJE\Backup Set 2012-10-31 120005\Backup Files 2012-11-30 142740\Backup files 3.zip"
sh=F1E5090C669FE19B830D3FB4A11CC9D7529E9236 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2012-10-31 120005\Backup Files 2012-11-30 142740\Backup files 9.zip"
sh=E01210228EA29CEA1DE01141152B7F7DEB061D4F ft=0 fh=0000000000000000 vn="JS/Agent.NNS Trojaner" ac=I fn="D:\ANTJE\Backup Set 2012-10-31 120005\Backup Files 2013-01-31 130640\Backup files 11.zip"
sh=5AD3679735042805E7BBD152CA158FB210160147 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2013-02-28 190132\Backup Files 2013-02-28 190132\Backup files 1.zip"
sh=E663AB377C346C6681FA0BDC9ED54A0C28026822 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2013-02-28 190132\Backup Files 2013-02-28 190132\Backup files 17.zip"
sh=C082852948270F69DACED1CEFF48F183D9804D0B ft=0 fh=0000000000000000 vn="Variante von Win32/DealPly.M evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2013-02-28 190132\Backup Files 2013-12-31 202021\Backup files 1.zip"
sh=2C1CAF0F0E5BC6AC00A8FE03F0D6ECAB6FB6F183 ft=0 fh=0000000000000000 vn="Win32/AdWare.1ClickDownload.AT Anwendung" ac=I fn="D:\ANTJE\Backup Set 2013-02-28 190132\Backup Files 2013-12-31 202021\Backup files 3.zip"
sh=793037866030B585B16948FB8555A55594BAC6D4 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="D:\ANTJE\Backup Set 2014-03-31 171633\Backup Files 2014-03-31 171633\Backup files 1.zip"




Reste entfernen
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\96gqb7pq.default\Cache\0\00\3CD53d01
C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\96gqb7pq.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.









Wenn du keine Probleme mehr hast, dann sind wir hier fertig. Deine Logdateien sind sauber.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.





Ändere regelmäßig alle deine Passwörter, jetzt nach der Bereinigung ist ein idealer Zeitpunkt dafür!
  • Verwende für jede Anwendung und jeden Account ein anderes Passwort.
  • Ändere regelmäßig dein Passwort, vor allem bei Onlinebanking oder deinem Emailpostfach ist das sehr wichtig.
  • Speichere keine Passwörter auf deinem PC, gib diese nicht an Dritte weiter.
  • Ein sicheres Passwort besteht aus mindestens 8 Zeichen und beinhaltet Groß- und Kleinbuchstaben, Zahlen und Sonderzeichen.
  • Benutze keine Zahlen- oder Buchstabenkombinationen, ( zB 12345678, qwertzui) auch keine Zahlen oder Buchstabenmuster.
  • Verwende keine Passwörter die einen Bezug zu dir, deinem Wohnort, Familienmitglied oder Haustier (Geburtsdatum, Postleitzahl, Adresse, Name) haben.





Schritt 1
Du verwendest veraltete Software auf deinem Rechner, was ein Sicherheitsrisiko darstellt. Daher solltest du veraltete Software deinstallieren und anschließend die aktuellste Version installieren.
Folge dem Pfad Start > Systemsteuerung > Sofware / Programme deinstallieren.
Deinstalliere die folgenden Programme von deinem Rechner:
  • Java(TM) 6 Update 14
Starte deinen Rechner nach der Deinstallation neu auf.
Downloade und installiere dir bitte nun:Starte deinen Rechner nach der Installation neu auf.





Schritt 2
Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.







Schritt 3
Abschließend habe ich noch ein paar Tipps zur Absicherung deines Systems.


Ich kann gar nicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti-Viren-Programm und zusätzlicher Schutz
  • Gehe sicher, dass du immer nur eine Anti-Viren Software installiert hast und dass diese auch up to date ist! Ein kostenloses Anti-Viren Programm, das wir empfehlen, wäre z. B. Avast! Free Antivirus oder Microsoft Security Essentials.
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt. Du kannst es zusätzlich zu deinem Anti-Viren Programm verwenden.
    Update das Tool und lasse es einmal in der Woche laufen. Die Kaufversion bietet zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • AdwCleaner
    Dieses Tool erkennt eine Vielzahl von Werbeprogrammen (Adware) und unerwünschten Programmen (PUPs).
    Starte das Tool einmal die Woche und lass es laufen. Sollte eine neue Version verfügbar sein, so wird dies angezeigt und du kannst dir die neueste Version direkt von der Herstellerseite auf den Desktop herunterladen. Auch dieses Programm kann parallel zu deinem Anti-Viren Programm verwendet werden.
  • SpywareBlaster
    Eine kurze Einführung findest du Hier


Alternative Browser
Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Mozilla Firefox
  • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
  • NoScript
    Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt, wenn Du es bestätigst.
  • AdblockPlus
    Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzuzufügen reicht und dieser wird nicht mehr geladen.
    Es spart außerdem Downloadkapazität.


Performance
  • Halte dich fern von Registry Cleanern.
    Diese Schaden deinem System mehr als dass sie helfen. Hier ein englischer Link:
    Miekemoes Blogspot ( MVP )


Was du vermeiden solltest:
  • Klicke nicht auf alles, nur weil es dich dazu auffordert und schön bunt ist.
  • Verwende keine P2P oder Filesharing Software (Emule, uTorrent,..).
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie z.B. deinFoto.jpg.exe.
  • Lade keine Software von Softonic oder Chip herunter, da diese Installer oft mit Adware oder unerünschter Software versehen sind!



Nun bleibt mir nur noch dir viel Spaß beim sicheren Surfen zu wünschen... ... und vielleicht möchtest du ja das Trojaner-Board unterstützen?

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Alt 12.09.2014, 15:33   #11
Kapiernix
 
TR/Patched.Ren.Gen - Überfordert! - Standard

TR/Patched.Ren.Gen - Überfordert!



ähm, ich hab alles gemacht, was du gesagt hast, wollte aber erst am ende die fixlog.txt posten. und die ist jetzt weg mit dem programm....

aber ich meine, es stand praktisch nichts mehr drin. hoffentlich ist das ok.

vielen, vielen herzlichen dank für die ganze hilfe!!!!! ich habe auch die ganzen ratschläge berücksichtigt und hoffe, in zukunft besser gerüstet zu sein!

merci und ein happy weekend!

antje

Alt 12.09.2014, 21:19   #12
M-K-D-B
/// TB-Ausbilder
 
TR/Patched.Ren.Gen - Überfordert! - Standard

TR/Patched.Ren.Gen - Überfordert!



Ich bin froh, dass wir helfen konnten

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.

Antwort

Themen zu TR/Patched.Ren.Gen - Überfordert!
fehlercode 0x5, fehlercode 0xc0000005, heur/infected.webpage.gen, html/fraud.bd.gen, html/scrinject.b.gen, js/agent.nns, js/toolbar.crossrider.b, tr/patched.ren.gen, unerwünschtes programm, verschoben, win32/adware.1clickdownload.at, win32/dealply.m, win32/toolbar.crossrider.q, win32/toolbar.searchsuite, win32/toolbar.visicom.a, win32/toolbar.visicom.b, win32/toolbar.visicom.c




Ähnliche Themen: TR/Patched.Ren.Gen - Überfordert!


  1. Fange besser mit Punkt 4 der goldenen Regeln an, da ich bereits mit Punkt 3 überfordert bin.
    Plagegeister aller Art und deren Bekämpfung - 30.10.2015 (3)
  2. Problem: Win8..TR/Patched.Ren.Gen..und..TR/Patched.Ren.Gen2
    Plagegeister aller Art und deren Bekämpfung - 07.11.2014 (5)
  3. Avira Scan, versteckter Treiber gefunden, infiziertes Objekt, Fehlermeldungen - bin ziemlich überfordert
    Log-Analyse und Auswertung - 05.03.2014 (24)
  4. TR/Patched.Ren.Gen
    Plagegeister aller Art und deren Bekämpfung - 22.02.2014 (14)
  5. Bin überfordert mit Firewall Einstellungen
    Antiviren-, Firewall- und andere Schutzprogramme - 13.11.2013 (8)
  6. BKA-Trojaner eingefangen (Win7, 32-bit) und mit der Entfernung überfordert
    Plagegeister aller Art und deren Bekämpfung - 08.08.2013 (17)
  7. Datei C:\Windows\System32\services.exe infiziert: W32/Patched.UB, Patched.UA, Patched.ZA
    Plagegeister aller Art und deren Bekämpfung - 19.07.2012 (5)
  8. Trojaner TR/ATRAPS.Gen eingefangen - Antivir und ich überfordert...
    Plagegeister aller Art und deren Bekämpfung - 16.07.2011 (45)
  9. TR/Patched.GR.10 in explorer.exe & TR/Patched.KL.238 in winlogon.exe
    Plagegeister aller Art und deren Bekämpfung - 01.12.2010 (5)
  10. Windows Secruity Alert - hoffnugslos überfordert
    Plagegeister aller Art und deren Bekämpfung - 25.07.2010 (7)
  11. Völlig überfordert, Mühle läuft net mehr richtig, Firefox spinnt auch / directdr.com
    Log-Analyse und Auswertung - 03.02.2010 (11)
  12. überfordert! win32.netsky
    Log-Analyse und Auswertung - 12.01.2010 (7)
  13. Antivirus XP 2008 - völlig überfordert!
    Plagegeister aller Art und deren Bekämpfung - 30.08.2008 (22)
  14. zlob.j eingefagen...überfordert!!!!
    Log-Analyse und Auswertung - 25.06.2006 (7)
  15. Ich bin sowas von überfordert
    Log-Analyse und Auswertung - 11.10.2005 (7)
  16. Hilfe - bin überfordert!
    Log-Analyse und Auswertung - 13.01.2005 (2)
  17. Bin völlig überfordert...
    Log-Analyse und Auswertung - 28.10.2004 (19)

Zum Thema TR/Patched.Ren.Gen - Überfordert! - Hallo, ich muss mich hier leider in die Reihe der Überforderten mit dem Virus einreihen. Ich bekomme am laufenden Band Meldungen, wenn ich den PC anmache. Wenn ich die anderen - TR/Patched.Ren.Gen - Überfordert!...
Archiv
Du betrachtest: TR/Patched.Ren.Gen - Überfordert! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.