Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Farmaster.net nicht löschbar

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 19.09.2014, 23:53   #1
hausi91
 
Farmaster.net nicht löschbar - Standard

Farmaster.net nicht löschbar



hallo forum

ich habe folgendes problem wenn ich mein pc starte öffnet sich in chrome immer farmaster.net
ich bekomme es einfach nicht weg ich suche seit tagen nach einer lösung manuelles löschen geht nicht spyhunter und adw cleaner bekommen es auch nicht raus ich weiß mir nicht mehr zu helfen

ich hab frst.exe drüber laufen lassen hier sind die logs dazu hoffentlich könnt ihr mir helfen
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Hausi (administrator) on HAUSI-PC on 19-09-2014 22:41:23
Running from C:\Users\Hausi\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Jumping Bytes) C:\Program Files (x86)\PureSync\PureSyncTray.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe
(Dropbox, Inc.) C:\Users\Hausi\AppData\Roaming\Dropbox\bin\Dropbox.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BitLeader) C:\Program Files (x86)\lg_fwupdate\fwupdate.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
() C:\Windows\SysWOW64\ASGT.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe
(cFos Software GmbH) C:\Program Files\ASUS\ROG GameFirst II\spd.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Mr. John aka japamd) C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-29] (AVAST Software)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-07-12] (Bitleader)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [CMD] => cmd.exe /k if %date:~6,4%%date:~3,2%%date:~0,2% LEQ 20140911 (exit) else (start hxxp://farmaster.net/ && exit)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.0.1.213\AsusWSPanel.exe [5099840 2013-06-26] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
HKU\S-1-5-21-2638325747-3079690321-4045576718-1000\...\Run: [PureSync] => C:\Program Files (x86)\PureSync\PureSyncTray.exe [915120 2014-08-25] (Jumping Bytes)
HKU\S-1-5-21-2638325747-3079690321-4045576718-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3113168 2012-12-27] (DT Soft Ltd)
HKU\S-1-5-21-2638325747-3079690321-4045576718-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD)
HKU\S-1-5-21-2638325747-3079690321-4045576718-1000\...\Run: [GoogleChromeAutoLaunch_3F339158169F9F1532CF4D066D90CAC2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-04] (Google Inc.)
HKU\S-1-5-21-2638325747-3079690321-4045576718-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\Users\Hausi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator2.lnk
ShortcutTarget: BUFFALO NAS Navigator2.lnk -> C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (BUFFALO INC.)
Startup: C:\Users\Hausi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Hausi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Hausi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk
ShortcutTarget: NAS Scheduler.lnk -> C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Hausi\AppData\Roaming\Mozilla\Firefox\Profiles\1e07yzpc.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Hausi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-26]

Chrome: 
=======
CHR Profile: C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-07-29]
CHR Extension: (Google Slides) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-19]
CHR Extension: (Google Docs) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-19]
CHR Extension: (Google Drive) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-27]
CHR Extension: (Google Search) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-27]
CHR Extension: (Google Sheets) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-19]
CHR Extension: (JDownloader Integration) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmochcijbhgjfdmojjenfabpafelhgdc [2014-07-27]
CHR Extension: (JDownloader Integration for Google Chrome™) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\laeghehalempfenbefbjbhccjcoakpmm [2014-07-27]
CHR Extension: (Two-Click JDownloader) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljhooappahaeilmbekgcokgjjplambgo [2014-07-27]
CHR Extension: (Into The Mist) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2014-09-19]
CHR Extension: (Google Mail Checker) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-07-27]
CHR Extension: (Google Wallet) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-08]
CHR Extension: (My Chrome Theme) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2014-07-27]
CHR Extension: (Gmail) - C:\Users\Hausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-27]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-08-01] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe [1656464 2013-08-08] (ASUSTeK Computer Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-27] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-27] (AVAST Software)
R2 cFosSpeedS; C:\Program Files\ASUS\ROG GameFirst II\spd.exe [860072 2012-08-09] (cFos Software GmbH)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138768 2014-06-27] (Portrait Displays, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 NasPmService; C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [251256 2010-10-28] (BUFFALO INC.)
R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [5739008 2011-12-05] (Native Instruments GmbH) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [20608 2013-11-04] (Mr. John aka japamd)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [47512 2013-01-10] (Asmedia Technology)
R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2013-01-08] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R2 AsRamDisk; C:\Windows\System32\DRIVERS\asramdisk.sys [105784 2013-05-13] (Asus)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-27] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-27] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-27] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-07-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-27] ()
S3 atillk64; C:\Program Files (x86)\ASUS\GPU Tweak\atillk64.sys [14608 2006-07-19] (ATI Technologies Inc.)
S3 AWEAlloc; C:\Windows\System32\DRIVERS\awealloc.sys [21456 2012-12-20] (Olof Lagerkvist)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-08-15] (DT Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-19] (Razer Inc)
R3 rzp1endpt; C:\Windows\System32\DRIVERS\rzp1endpt.sys [39080 2014-05-19] (Razer Inc)
R3 rzvmouse; C:\Windows\System32\DRIVERS\rzvmouse.sys [31400 2014-05-19] (Razer Inc)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 cleanhlp; \??\C:\Program Files (x86)\Ashampoo\Ashampoo Anti-Virus\cleanhlp64.sys [X]
S3 cpuz137; \??\C:\Windows\TEMP\cpuz137\cpuz137_x64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 22:41 - 2014-09-19 22:41 - 00023045 _____ () C:\Users\Hausi\Desktop\FRST.txt
2014-09-19 22:41 - 2014-09-19 22:41 - 00000000 ____D () C:\FRST
2014-09-19 22:40 - 2014-09-19 22:40 - 02105856 _____ (Farbar) C:\Users\Hausi\Desktop\FRST64.exe
2014-09-19 02:30 - 2014-09-19 02:30 - 00000119 _____ () C:\Users\Hausi\Desktop\Farmaster.net nicht löschbar --( - Forum - CHIP Online.url
2014-09-19 02:25 - 2014-09-19 02:27 - 00114394 _____ () C:\Windows\DPINST.LOG
2014-09-19 02:25 - 2014-09-19 02:25 - 18056744 _____ (Razer Inc.) C:\Users\Hausi\Downloads\Razer_Synapse_Framework_V1.17.23.exe
2014-09-19 02:25 - 2014-09-19 02:25 - 00000000 ____D () C:\ProgramData\Razer
2014-09-19 02:25 - 2014-09-19 02:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-09-19 02:24 - 2014-09-19 02:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-19 02:23 - 2014-09-19 02:23 - 04901352 _____ (Piriform Ltd) C:\Users\Hausi\Downloads\ccsetup417.exe
2014-09-19 02:23 - 2014-09-19 02:23 - 00713928 _____ ( ) C:\Users\Hausi\Downloads\FileExtractorSetup.exe
2014-09-19 02:16 - 2014-09-19 02:16 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Hausi\Downloads\SpyHunter-Installer (2).exe
2014-09-19 02:16 - 2014-09-19 02:16 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Hausi\Downloads\SpyHunter-Installer (1).exe
2014-09-19 01:53 - 2014-09-19 01:53 - 00135929 _____ () C:\Users\Hausi\Desktop\bookmarks_19.09.14.html
2014-09-19 01:51 - 2014-09-19 02:16 - 00000000 ____D () C:\Windows\system32\log
2014-09-19 01:50 - 2014-09-19 01:50 - 15568184 _____ (Elex do Brasil Participações Ltda) C:\Users\Hausi\Downloads\yet_another_cleaner_sk.exe
2014-09-18 23:45 - 2014-09-18 23:45 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-09-18 23:44 - 2014-09-19 01:56 - 00000000 ____D () C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP
2014-09-18 23:44 - 2014-09-18 23:44 - 00000000 ____D () C:\Windows\ERUNT
2014-09-18 23:44 - 2014-09-18 23:44 - 00000000 ____D () C:\Users\Hausi\Desktop\SpyHunter.v4.16.5.4290.inkl.Crack
2014-09-18 23:43 - 2014-09-18 23:43 - 01016830 _____ (Thisisu) C:\Users\Hausi\Downloads\JRT.exe
2014-09-18 23:38 - 2014-09-19 22:38 - 00003548 _____ () C:\Windows\setupact.log
2014-09-18 23:38 - 2014-09-18 23:38 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-18 23:31 - 2014-09-19 22:38 - 00005880 _____ () C:\Windows\PFRO.log
2014-09-18 23:31 - 2014-09-18 23:31 - 722053871 _____ () C:\Windows\MEMORY.DMP
2014-09-18 23:09 - 2014-09-18 23:09 - 00000000 _____ () C:\autoexec.bat
2014-09-18 23:06 - 2014-09-18 23:06 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-18 23:05 - 2014-09-18 23:29 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-18 23:02 - 2014-09-18 23:02 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Hausi\Downloads\SpyHunter-Installer.exe
2014-09-18 22:57 - 2014-09-19 22:41 - 00027882 _____ () C:\Windows\WindowsUpdate.log
2014-09-14 16:23 - 2014-09-14 16:23 - 00000124 _____ () C:\Users\Hausi\Desktop\empfehlung zur osmoseanlage - riffaquaristikforum.de.url
2014-09-14 16:06 - 2014-09-14 16:06 - 00005572 _____ () C:\Users\Hausi\Downloads\af84wyx0rxv5j85.dlc
2014-09-14 15:56 - 2014-09-14 15:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 01:48 - 2014-09-13 01:48 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hausi\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-13 01:48 - 2014-09-13 01:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-13 01:42 - 2014-09-19 02:16 - 00000000 ____D () C:\AdwCleaner
2014-09-13 01:42 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-13 01:41 - 2014-09-13 01:41 - 01370467 _____ () C:\Users\Hausi\Downloads\adwcleaner_3.309 (1).exe
2014-09-13 01:41 - 2014-09-13 01:41 - 00000085 _____ () C:\Windows\wininit.ini
2014-09-13 01:39 - 2014-09-13 01:39 - 00816064 _____ ( ) C:\Users\Hausi\Downloads\adwcleaner_3.309_CB-DL-Manager.exe
2014-09-13 01:33 - 2014-09-13 01:44 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-13 01:33 - 2014-09-13 01:41 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-13 01:33 - 2014-09-13 01:33 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Hausi\Downloads\spybot-2.4.exe
2014-09-13 01:33 - 2014-09-13 01:33 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-10 16:48 - 2014-09-10 18:01 - 00000000 ____D () C:\Users\Hausi\Documents\Garmin
2014-09-10 16:48 - 2014-09-10 18:01 - 00000000 ____D () C:\Users\Hausi\AppData\Local\Garmin
2014-09-10 16:47 - 2014-09-10 18:01 - 00000000 ____D () C:\ProgramData\Garmin
2014-09-10 16:41 - 2014-09-10 18:01 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\Garmin
2014-09-10 16:41 - 2014-09-10 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-09-10 16:41 - 2014-09-10 18:01 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-09-10 16:41 - 2014-09-10 16:48 - 00000000 ____D () C:\Program Files\DIFX
2014-09-10 16:41 - 2014-09-10 16:41 - 36576688 _____ (Garmin Ltd or its subsidiaries) C:\Users\Hausi\Downloads\GarminExpressInstaller.exe
2014-09-10 16:41 - 2014-09-10 16:41 - 11390192 _____ () C:\Users\Hausi\Downloads\WebUpdater_WindowsXPSP3andnewer__256.exe
2014-09-10 16:29 - 2014-09-10 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2014-09-10 16:29 - 2014-09-10 16:29 - 00000000 ____D () C:\Program Files\Recuva
2014-09-10 16:28 - 2014-09-10 16:28 - 03161056 _____ (Piriform Ltd) C:\Users\Hausi\Downloads\rcsetup151_slim.exe
2014-09-08 15:36 - 2014-09-08 15:36 - 00000147 _____ () C:\Users\Hausi\Desktop\mein erstes meerwasserbecken^^ anfängerfragen - Seite 6 - riffaquaristikforum.de.url
2014-09-08 15:15 - 2014-09-08 15:21 - 00000000 ____D () C:\Users\Hausi\Desktop\Neuer Ordner
2014-09-08 14:00 - 2014-09-15 22:45 - 00000000 ____D () C:\Users\Hausi\Documents\Outlook-Dateien
2014-09-07 13:13 - 2014-09-07 13:13 - 01067770 _____ () C:\Users\Hausi\Downloads\3DMGAME-The.Sims.4.Crack.v3.For.Update.1-3DM (1).zip
2014-09-07 13:12 - 2014-09-07 13:12 - 01062634 _____ () C:\Users\Hausi\Downloads\3DMGAME-The.Sims.4.Crack.v3.For.Update.1-3DM.zip
2014-09-06 23:55 - 2014-09-06 23:55 - 00079696 _____ (AppWork GmbH) C:\Users\Hausi\Downloads\Install.exe
2014-09-06 23:54 - 2014-09-06 23:54 - 31419822 _____ () C:\Users\Hausi\Downloads\JDownloader.zip
2014-09-06 00:15 - 2014-09-06 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast
2014-09-05 18:59 - 2014-09-05 19:02 - 528699198 _____ () C:\Users\Hausi\Downloads\The Forest vo.o6.7z
2014-09-05 18:57 - 2014-09-05 18:57 - 02034552 _____ () C:\Users\Hausi\Downloads\winrar-x64-511d.exe
2014-09-05 16:46 - 2014-09-05 16:46 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\1170
2014-09-05 11:35 - 2012-11-26 11:10 - 00221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tabctl32.ocx
2014-09-05 11:35 - 2011-01-12 13:36 - 01054208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll
2014-09-05 11:35 - 2011-01-12 13:25 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71deu.dll
2014-09-05 11:35 - 2011-01-12 13:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71ita.dll
2014-09-05 11:35 - 2011-01-12 13:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71fra.dll
2014-09-05 11:35 - 2011-01-12 13:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71esp.dll
2014-09-05 11:35 - 2011-01-12 13:25 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71enu.dll
2014-09-05 11:35 - 2011-01-12 13:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71kor.dll
2014-09-05 11:35 - 2011-01-12 13:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71jpn.dll
2014-09-05 11:35 - 2011-01-12 13:25 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71cht.dll
2014-09-05 11:35 - 2011-01-12 13:25 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71chs.dll
2014-09-05 11:35 - 2011-01-12 13:19 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-09-05 11:35 - 2011-01-12 12:53 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll
2014-09-05 11:35 - 2010-02-16 14:22 - 00443488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshflxgd.ocx
2014-09-05 11:35 - 2010-02-16 14:22 - 00415552 _____ (Microsoft Corporation ) C:\Windows\SysWOW64\comct332.ocx
2014-09-05 11:35 - 2010-02-16 14:22 - 00278352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatgrd.ocx
2014-09-05 11:35 - 2010-02-16 14:22 - 00258880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msflxgrd.ocx
2014-09-05 11:35 - 2010-02-16 14:22 - 00252240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatlst.ocx
2014-09-05 11:35 - 2010-02-16 14:22 - 00222528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dblist32.ocx
2014-09-05 11:35 - 2010-02-16 14:22 - 00215880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mci32.ocx
2014-09-05 11:35 - 2010-02-16 14:22 - 00178512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmask32.ocx
2014-09-05 11:35 - 2010-02-16 14:22 - 00170080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comct232.ocx
2014-09-05 11:35 - 2010-02-16 14:22 - 00136008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx
2014-09-05 11:35 - 2010-02-16 14:22 - 00126800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswinsck.ocx
2014-09-05 11:35 - 2010-02-16 14:22 - 00119616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomm32.ocx
2014-09-05 11:35 - 2010-02-16 14:22 - 00107840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstkprp.dll
2014-09-05 11:35 - 2010-02-16 14:22 - 00100160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\picclp32.ocx
2014-09-05 11:35 - 2010-02-16 14:22 - 00080208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysinfo.ocx
2014-09-05 11:35 - 2007-01-30 22:04 - 00339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2014-09-05 11:35 - 2006-08-26 00:28 - 01017344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70u.dll
2014-09-05 11:35 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70ita.dll
2014-09-05 11:35 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70fra.dll
2014-09-05 11:35 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70esp.dll
2014-09-05 11:35 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70deu.dll
2014-09-05 11:35 - 2006-08-26 00:15 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70enu.dll
2014-09-05 11:35 - 2006-08-26 00:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70kor.dll
2014-09-05 11:35 - 2006-08-26 00:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70jpn.dll
2014-09-05 11:35 - 2006-08-26 00:15 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70cht.dll
2014-09-05 11:35 - 2006-08-26 00:15 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70chs.dll
2014-09-05 11:35 - 2006-08-26 00:07 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70.dll
2014-09-05 11:35 - 2006-08-25 23:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl70.dll
2014-09-05 11:35 - 2006-04-10 13:41 - 01066176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl32.ocx
2014-09-05 11:35 - 2005-01-20 19:25 - 00054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvci70.dll
2014-09-05 11:35 - 2002-01-05 05:40 - 00487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp70.dll
2014-09-05 11:35 - 2001-08-23 00:00 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll
2014-09-05 11:35 - 1996-01-12 03:00 - 00722192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb40032.dll
2014-09-05 11:35 - 1993-07-23 19:31 - 00210944 _____ () C:\Windows\SysWOW64\msvcrt10.dll
2014-09-04 20:41 - 2014-09-04 20:41 - 00000000 ____D () C:\Users\Hausi\AppData\Local\4kdownload.com
2014-09-04 20:40 - 2014-09-04 20:40 - 22806384 _____ (Open Media LLC ) C:\Users\Hausi\Downloads\4kvideodownloader_3.4.1.exe
2014-09-04 15:09 - 2014-09-04 15:09 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-04 15:03 - 2014-09-04 18:59 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\Origin
2014-09-04 15:03 - 2014-09-04 15:09 - 00000000 ____D () C:\Users\Hausi\AppData\Local\Origin
2014-09-04 15:02 - 2014-09-13 01:31 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-04 15:02 - 2014-09-11 16:17 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-04 15:02 - 2014-09-04 15:02 - 01141680 _____ () C:\Users\Hausi\Downloads\SteamSetup.exe
2014-09-04 15:02 - 2014-09-04 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-04 15:02 - 2014-09-04 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-09-04 15:01 - 2014-09-04 15:02 - 17088592 _____ (Electronic Arts, Inc.) C:\Users\Hausi\Downloads\OriginThinSetup.exe
2014-09-03 16:56 - 2014-09-04 15:02 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-03 15:50 - 2014-09-03 15:51 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9
2014-09-03 15:50 - 2014-09-03 15:50 - 00000000 ____D () C:\Users\Hausi\Documents\DVDFab9
2014-09-03 15:50 - 2014-09-03 15:50 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\DVDFab9
2014-09-03 15:50 - 2014-09-03 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9
2014-09-03 14:05 - 2014-09-03 14:05 - 00098197 _____ () C:\Users\Hausi\Downloads\royal_initialen.zip
2014-08-26 19:35 - 2014-09-11 17:14 - 00000000 ____D () C:\ProgramData\Origin
2014-08-26 19:20 - 2014-08-26 19:20 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-25 16:34 - 2014-08-25 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PureSync
2014-08-25 16:34 - 2014-08-25 16:34 - 00000000 ____D () C:\Program Files (x86)\PureSync
2014-08-24 14:39 - 2014-08-24 18:49 - 00000015 _____ () C:\Users\Hausi\AppData\Roaming\AquaCalculatorBL.AUsr
2014-08-24 14:39 - 2014-08-24 16:54 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\AquaCalculator
2014-08-24 14:39 - 2014-08-24 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AquaCalculator
2014-08-24 14:39 - 2014-08-24 14:39 - 00000000 ____D () C:\Program Files (x86)\AquaCalculator
2014-08-22 20:34 - 2014-08-22 20:34 - 00000000 _____ () C:\dummy.wav
2014-08-22 12:09 - 2014-09-18 23:31 - 00000000 ____D () C:\Windows\Minidump

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 22:41 - 2014-09-19 22:41 - 00023045 _____ () C:\Users\Hausi\Desktop\FRST.txt
2014-09-19 22:41 - 2014-09-19 22:41 - 00000000 ____D () C:\FRST
2014-09-19 22:41 - 2014-09-18 22:57 - 00027882 _____ () C:\Windows\WindowsUpdate.log
2014-09-19 22:40 - 2014-09-19 22:40 - 02105856 _____ (Farbar) C:\Users\Hausi\Desktop\FRST64.exe
2014-09-19 22:38 - 2014-09-18 23:38 - 00003548 _____ () C:\Windows\setupact.log
2014-09-19 22:38 - 2014-09-18 23:31 - 00005880 _____ () C:\Windows\PFRO.log
2014-09-19 22:38 - 2014-08-15 01:28 - 01048576 _____ () C:\Windows\PE_Rom.dll
2014-09-19 22:38 - 2014-08-12 18:25 - 00000344 _____ () C:\Windows\lgfwup.ini
2014-09-19 22:38 - 2014-08-12 18:25 - 00000000 ____D () C:\Program Files (x86)\lg_fwupdate
2014-09-19 22:38 - 2014-08-02 16:48 - 00000000 ___RD () C:\Users\Hausi\Dropbox
2014-09-19 22:38 - 2014-08-02 16:44 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\Dropbox
2014-09-19 22:38 - 2014-07-08 10:22 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-19 22:38 - 2014-07-08 10:06 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-19 22:38 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-19 11:47 - 2014-07-08 10:06 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-19 11:39 - 2014-07-11 22:29 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\vlc
2014-09-19 11:20 - 2014-07-08 10:36 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-09-19 11:19 - 2014-07-09 10:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-19 11:17 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-19 11:17 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-19 11:16 - 2011-04-12 09:43 - 00702198 _____ () C:\Windows\system32\perfh007.dat
2014-09-19 11:16 - 2011-04-12 09:43 - 00149836 _____ () C:\Windows\system32\perfc007.dat
2014-09-19 11:16 - 2009-07-14 07:13 - 01627004 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-19 11:15 - 2014-08-15 01:39 - 00000000 _____ () C:\Windows\Path.idx
2014-09-19 02:31 - 2014-07-08 10:34 - 00000000 ____D () C:\Users\Hausi\Desktop\Programme
2014-09-19 02:30 - 2014-09-19 02:30 - 00000119 _____ () C:\Users\Hausi\Desktop\Farmaster.net nicht löschbar --( - Forum - CHIP Online.url
2014-09-19 02:30 - 2009-07-14 06:45 - 05120944 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-19 02:27 - 2014-09-19 02:25 - 00114394 _____ () C:\Windows\DPINST.LOG
2014-09-19 02:27 - 2014-07-08 10:38 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-09-19 02:26 - 2014-07-27 16:20 - 00112760 _____ () C:\Users\Hausi\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-19 02:26 - 2014-07-08 10:38 - 00000000 ____D () C:\Users\Hausi\AppData\Local\Razer
2014-09-19 02:25 - 2014-09-19 02:25 - 18056744 _____ (Razer Inc.) C:\Users\Hausi\Downloads\Razer_Synapse_Framework_V1.17.23.exe
2014-09-19 02:25 - 2014-09-19 02:25 - 00000000 ____D () C:\ProgramData\Razer
2014-09-19 02:25 - 2014-09-19 02:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-09-19 02:24 - 2014-09-19 02:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-19 02:24 - 2014-07-10 09:55 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-19 02:23 - 2014-09-19 02:23 - 04901352 _____ (Piriform Ltd) C:\Users\Hausi\Downloads\ccsetup417.exe
2014-09-19 02:23 - 2014-09-19 02:23 - 00713928 _____ ( ) C:\Users\Hausi\Downloads\FileExtractorSetup.exe
2014-09-19 02:17 - 2014-07-26 14:16 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-19 02:16 - 2014-09-19 02:16 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Hausi\Downloads\SpyHunter-Installer (2).exe
2014-09-19 02:16 - 2014-09-19 02:16 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Hausi\Downloads\SpyHunter-Installer (1).exe
2014-09-19 02:16 - 2014-09-19 01:51 - 00000000 ____D () C:\Windows\system32\log
2014-09-19 02:16 - 2014-09-13 01:42 - 00000000 ____D () C:\AdwCleaner
2014-09-19 01:56 - 2014-09-18 23:44 - 00000000 ____D () C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP
2014-09-19 01:53 - 2014-09-19 01:53 - 00135929 _____ () C:\Users\Hausi\Desktop\bookmarks_19.09.14.html
2014-09-19 01:50 - 2014-09-19 01:50 - 15568184 _____ (Elex do Brasil Participações Ltda) C:\Users\Hausi\Downloads\yet_another_cleaner_sk.exe
2014-09-18 23:45 - 2014-09-18 23:45 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-09-18 23:44 - 2014-09-18 23:44 - 00000000 ____D () C:\Windows\ERUNT
2014-09-18 23:44 - 2014-09-18 23:44 - 00000000 ____D () C:\Users\Hausi\Desktop\SpyHunter.v4.16.5.4290.inkl.Crack
2014-09-18 23:43 - 2014-09-18 23:43 - 01016830 _____ (Thisisu) C:\Users\Hausi\Downloads\JRT.exe
2014-09-18 23:38 - 2014-09-18 23:38 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-18 23:31 - 2014-09-18 23:31 - 722053871 _____ () C:\Windows\MEMORY.DMP
2014-09-18 23:31 - 2014-08-22 12:09 - 00000000 ____D () C:\Windows\Minidump
2014-09-18 23:29 - 2014-09-18 23:05 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-18 23:09 - 2014-09-18 23:09 - 00000000 _____ () C:\autoexec.bat
2014-09-18 23:06 - 2014-09-18 23:06 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-18 23:02 - 2014-09-18 23:02 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Hausi\Downloads\SpyHunter-Installer.exe
2014-09-18 11:08 - 2014-08-02 16:44 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-17 23:49 - 2014-07-09 09:40 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-17 00:31 - 2014-07-27 14:20 - 00044032 _____ () C:\Users\Hausi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-15 22:45 - 2014-09-08 14:00 - 00000000 ____D () C:\Users\Hausi\Documents\Outlook-Dateien
2014-09-14 23:52 - 2014-07-08 22:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-14 16:23 - 2014-09-14 16:23 - 00000124 _____ () C:\Users\Hausi\Desktop\empfehlung zur osmoseanlage - riffaquaristikforum.de.url
2014-09-14 16:06 - 2014-09-14 16:06 - 00005572 _____ () C:\Users\Hausi\Downloads\af84wyx0rxv5j85.dlc
2014-09-14 15:56 - 2014-09-14 15:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 01:54 - 2014-07-08 10:34 - 00000000 ____D () C:\Users\Hausi\Desktop\Spiele
2014-09-13 01:48 - 2014-09-13 01:48 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hausi\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-13 01:48 - 2014-09-13 01:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-13 01:44 - 2014-09-13 01:33 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-13 01:41 - 2014-09-13 01:41 - 01370467 _____ () C:\Users\Hausi\Downloads\adwcleaner_3.309 (1).exe
2014-09-13 01:41 - 2014-09-13 01:41 - 00000085 _____ () C:\Windows\wininit.ini
2014-09-13 01:41 - 2014-09-13 01:33 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-13 01:39 - 2014-09-13 01:39 - 00816064 _____ ( ) C:\Users\Hausi\Downloads\adwcleaner_3.309_CB-DL-Manager.exe
2014-09-13 01:33 - 2014-09-13 01:33 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Hausi\Downloads\spybot-2.4.exe
2014-09-13 01:33 - 2014-09-13 01:33 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-13 01:31 - 2014-09-04 15:02 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-13 01:31 - 2014-08-15 01:28 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\DAEMON Tools Pro
2014-09-11 17:14 - 2014-08-26 19:35 - 00000000 ____D () C:\ProgramData\Origin
2014-09-11 16:17 - 2014-09-04 15:02 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-10 23:19 - 2014-07-09 10:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 23:19 - 2014-07-09 10:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 23:19 - 2014-07-09 10:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-10 18:01 - 2014-09-10 16:48 - 00000000 ____D () C:\Users\Hausi\Documents\Garmin
2014-09-10 18:01 - 2014-09-10 16:48 - 00000000 ____D () C:\Users\Hausi\AppData\Local\Garmin
2014-09-10 18:01 - 2014-09-10 16:47 - 00000000 ____D () C:\ProgramData\Garmin
2014-09-10 18:01 - 2014-09-10 16:41 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\Garmin
2014-09-10 18:01 - 2014-09-10 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-09-10 18:01 - 2014-09-10 16:41 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-09-10 18:01 - 2014-07-09 09:50 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-10 16:48 - 2014-09-10 16:41 - 00000000 ____D () C:\Program Files\DIFX
2014-09-10 16:41 - 2014-09-10 16:41 - 36576688 _____ (Garmin Ltd or its subsidiaries) C:\Users\Hausi\Downloads\GarminExpressInstaller.exe
2014-09-10 16:41 - 2014-09-10 16:41 - 11390192 _____ () C:\Users\Hausi\Downloads\WebUpdater_WindowsXPSP3andnewer__256.exe
2014-09-10 16:29 - 2014-09-10 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2014-09-10 16:29 - 2014-09-10 16:29 - 00000000 ____D () C:\Program Files\Recuva
2014-09-10 16:28 - 2014-09-10 16:28 - 03161056 _____ (Piriform Ltd) C:\Users\Hausi\Downloads\rcsetup151_slim.exe
2014-09-10 10:15 - 2014-08-05 11:42 - 00000000 ____D () C:\Users\Hausi\Documents\Electronic Arts
2014-09-10 10:12 - 2014-07-09 22:21 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-09-08 15:36 - 2014-09-08 15:36 - 00000147 _____ () C:\Users\Hausi\Desktop\mein erstes meerwasserbecken^^ anfängerfragen - Seite 6 - riffaquaristikforum.de.url
2014-09-08 15:30 - 2014-08-17 21:22 - 00001456 _____ () C:\Users\Hausi\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-09-08 15:21 - 2014-09-08 15:15 - 00000000 ____D () C:\Users\Hausi\Desktop\Neuer Ordner
2014-09-08 03:16 - 2014-08-17 17:09 - 00000688 _____ () C:\Windows\MB.idx
2014-09-07 13:13 - 2014-09-07 13:13 - 01067770 _____ () C:\Users\Hausi\Downloads\3DMGAME-The.Sims.4.Crack.v3.For.Update.1-3DM (1).zip
2014-09-07 13:12 - 2014-09-07 13:12 - 01062634 _____ () C:\Users\Hausi\Downloads\3DMGAME-The.Sims.4.Crack.v3.For.Update.1-3DM.zip
2014-09-06 23:55 - 2014-09-06 23:55 - 00079696 _____ (AppWork GmbH) C:\Users\Hausi\Downloads\Install.exe
2014-09-06 23:54 - 2014-09-06 23:54 - 31419822 _____ () C:\Users\Hausi\Downloads\JDownloader.zip
2014-09-06 17:46 - 2014-07-09 10:10 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\Awesomium
2014-09-06 00:15 - 2014-09-06 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast
2014-09-05 19:02 - 2014-09-05 18:59 - 528699198 _____ () C:\Users\Hausi\Downloads\The Forest vo.o6.7z
2014-09-05 18:57 - 2014-09-05 18:57 - 02034552 _____ () C:\Users\Hausi\Downloads\winrar-x64-511d.exe
2014-09-05 16:46 - 2014-09-05 16:46 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\1170
2014-09-04 20:43 - 2014-07-29 14:21 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\DVDVideoSoft
2014-09-04 20:43 - 2014-07-29 14:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-04 20:43 - 2014-07-29 14:21 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-04 20:41 - 2014-09-04 20:41 - 00000000 ____D () C:\Users\Hausi\AppData\Local\4kdownload.com
2014-09-04 20:40 - 2014-09-04 20:40 - 22806384 _____ (Open Media LLC ) C:\Users\Hausi\Downloads\4kvideodownloader_3.4.1.exe
2014-09-04 18:59 - 2014-09-04 15:03 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\Origin
2014-09-04 17:33 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-09-04 17:32 - 2014-08-13 02:10 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\Nero
2014-09-04 17:31 - 2014-08-15 20:23 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\dvdcss
2014-09-04 17:30 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-09-04 15:09 - 2014-09-04 15:09 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-04 15:09 - 2014-09-04 15:03 - 00000000 ____D () C:\Users\Hausi\AppData\Local\Origin
2014-09-04 15:02 - 2014-09-04 15:02 - 01141680 _____ () C:\Users\Hausi\Downloads\SteamSetup.exe
2014-09-04 15:02 - 2014-09-04 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-04 15:02 - 2014-09-04 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-09-04 15:02 - 2014-09-04 15:01 - 17088592 _____ (Electronic Arts, Inc.) C:\Users\Hausi\Downloads\OriginThinSetup.exe
2014-09-04 15:02 - 2014-09-03 16:56 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-03 15:51 - 2014-09-03 15:50 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9
2014-09-03 15:50 - 2014-09-03 15:50 - 00000000 ____D () C:\Users\Hausi\Documents\DVDFab9
2014-09-03 15:50 - 2014-09-03 15:50 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\DVDFab9
2014-09-03 15:50 - 2014-09-03 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9
2014-09-03 14:05 - 2014-09-03 14:05 - 00098197 _____ () C:\Users\Hausi\Downloads\royal_initialen.zip
2014-09-02 20:21 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-31 11:45 - 2014-07-09 09:36 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\DAEMON Tools Lite
2014-08-26 19:20 - 2014-08-26 19:20 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-26 19:20 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-25 16:34 - 2014-08-25 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PureSync
2014-08-25 16:34 - 2014-08-25 16:34 - 00000000 ____D () C:\Program Files (x86)\PureSync
2014-08-25 16:34 - 2014-07-09 21:48 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\Jumping Bytes
2014-08-24 18:49 - 2014-08-24 14:39 - 00000015 _____ () C:\Users\Hausi\AppData\Roaming\AquaCalculatorBL.AUsr
2014-08-24 16:54 - 2014-08-24 14:39 - 00000000 ____D () C:\Users\Hausi\AppData\Roaming\AquaCalculator
2014-08-24 14:39 - 2014-08-24 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AquaCalculator
2014-08-24 14:39 - 2014-08-24 14:39 - 00000000 ____D () C:\Program Files (x86)\AquaCalculator
2014-08-22 21:01 - 2014-08-18 14:06 - 00000000 ____D () C:\Users\Hausi\AppData\Local\Adobe
2014-08-22 20:34 - 2014-08-22 20:34 - 00000000 _____ () C:\dummy.wav

Some content of TEMP:
====================
C:\Users\Hausi\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphcupwp.dll
C:\Users\Hausi\AppData\Local\Temp\Quarantine.exe
C:\Users\Hausi\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-18 01:11

==================== End Of Log ============================
         
--- --- ---
FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Hausi at 2014-09-19 22:41:39
Running from C:\Users\Hausi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.56 - ASUSTeK Computer Inc.)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{22E2B25B-2FFE-1A69-E591-55DD72BC5F5B}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AmpliTube 3 version 3.8.0 (HKLM\...\{DA5202AC-12BF-4330-B8EA-BC77F991FA1C}_is1) (Version: 3.8.0 - IK Multimedia)
ANNO 2070 - Complete Edition (HKLM-x32\...\{4916C011-3048-456A-8F34-1A5DF90ECC2B}_is1) (Version: 2.00.7780 - RAF)
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aqua Calculator Version 4.0 (HKLM-x32\...\{957493A6-E72E-4477-931A-4AFABFBCC3EB}_is1) (Version: 4.0 - Kuhn Software Development (HSK))
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 - Michael Tippach)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.001 - Asmedia Technology)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.17 - ASUSTeK Computer Inc.)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.5.2.3 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.5.2.3 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
Auto Keyboard v1.3 (HKLM-x32\...\{71E16EE4-BBED-44A8-8724-9E68D05EE945}_is1) (Version: 1.3 - MurGee.com)
Avast License by ZeNiX [2014-01-11] (HKLM-x32\...\Avast_2050_ZeNiX [2014-01-11]_is1) (Version:  - )
avast! Internet Security (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BUFFALO NAS Navigator2 (HKLM-x32\...\UN060501) (Version:  - )
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.2.11 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.5.0.7 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.8 (HKLM-x32\...\DPP) (Version: 3.8.1.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.8.1.0 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.7.0.0 - Canon Inc.)
Canon Utilities WFT Utility (HKLM-x32\...\WFTK) (Version: 3.5.1.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.5.1.15 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.3.0.4 - Canon Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Desktop (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CPUID ROG CPU-Z 1.65 (HKLM\...\CPUID ROG CPU-Z_is1) (Version: 1.65 - CPUID, Inc.)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0350 - DT Soft Ltd)
Daylight Version 1.2 (HKLM-x32\...\Daylight_is1) (Version: 1.2 - Zombie Studios)
Divinity Original Sin (HKLM-x32\...\Divinity Original Sin_is1) (Version: 1.0 - ENiGMA)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
DVDFab 9.1.6.4 (21/08/2014) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
E3MC - Windows Shutdown Timer v5.7 Full (HKLM-x32\...\{8A5458F0-0F3A-486E-8436-6CF05977093F}) (Version: 5.7.0.0 - E3MC Clan)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Free Mouse Auto Clicker 3.0 (HKLM-x32\...\{7D9D583E-EC8B-4390-B3A4-017B8182C8FF}_is1) (Version:  - Advanced Mouse Auto Clicker ltd.)
Free MP4 Video Converter version 5.0.45.806 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.45.806 - DVDVideoSoft Ltd.)
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.8.820 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.42.716 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.42.716 - DVDVideoSoft Ltd.)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden
GRID Autosport Limited Black Edition MULTi2 1.0 (HKLM-x32\...\GRID Autosport Limited Black Edition MULTi2 1.0) (Version:  - )
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Guitar Pro 6 [cw2k Edition] Version 6.1.5 r11553 (HKLM-x32\...\Guitar Pro 6 [cw2k Edition]_is1) (Version: 6.1.5 r11553 - Arobas Music)
HP My Display (HKLM-x32\...\{15733AD1-1CEF-459A-9245-0924FC63BDD5}) (Version: 2.10.009 - Portrait Displays, Inc.)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
IK Multimedia Authorization Manager version 1.0.5 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.5 - IK Multimedia)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Network Connections 18.5.54.0 (Version: 18.5.54.0 - Intel) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
K-Lite Codec Pack 9.9.9 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.9.9 - )
LG ODD Auto Firmware Update (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
MemTweakIt (HKLM-x32\...\{E51AAC3A-D66D-4912-B883-DAFBA249D10F}) (Version: 2.02.01 - ASUSTeK Computer Inc.)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Camera Codec Pack (HKLM\...\{F7930EE9-0929-439D-A57B-D40C2C69C890}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version:  - Native Instruments)
Native Instruments Controller Editor (Version: 1.4.3.891 - Native Instruments) Hidden
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version:  - Native Instruments)
Native Instruments Guitar Rig 5 (Version: 5.1.0.2641 - Native Instruments) Hidden
Native Instruments Guitar Rig Mobile I/O (HKLM-x32\...\Native Instruments Guitar Rig Mobile I/O) (Version:  - Native Instruments)
Native Instruments Guitar Rig Mobile I/O (Version: 3.0.0.625 - Native Instruments) Hidden
Native Instruments Guitar Rig Session I/O (HKLM-x32\...\Native Instruments Guitar Rig Session I/O) (Version:  - Native Instruments)
Native Instruments Guitar Rig Session I/O (Version: 3.0.0.625 - Native Instruments) Hidden
Native Instruments Rig Kontrol 3 (HKLM-x32\...\Native Instruments Rig Kontrol 3) (Version:  - Native Instruments)
Native Instruments Rig Kontrol 3 (Version: 3.0.0.625 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Native Instruments Service Center (Version: 2.3.2.926 - Native Instruments) Hidden
Nero 2014 (HKLM-x32\...\{CFF19D4A-F26D-4C6C-8535-A7C9107C9027}) (Version: 15.0.07100 - Nero AG)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.20064 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Burning Core (x32 Version: 15.0.25001 - Nero AG) Hidden
Nero Burning ROM (x32 Version: 15.0.25001 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.16700 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.23200 - Nero AG) Hidden
Nero Device Updates (x32 Version: 15.0.1002 - Nero AG) Hidden
Nero Disc Menus Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc to Device (x32 Version: 15.0.12032 - Nero AG) Hidden
Nero Effects Basic (x32 Version: 15.0.10011 - Nero AG) Hidden
Nero Express (x32 Version: 15.0.25001 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Launcher (x32 Version: 15.0.12000 - Nero AG) Hidden
Nero MediaHome (x32 Version: 1.22.3600 - Nero AG) Hidden
Nero MediaHome Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero PiP Effects Basic (x32 Version: 15.0.10008 - Nero AG) Hidden
Nero Recode (x32 Version: 15.0.25000 - Nero AG) Hidden
Nero Recode Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 15.0.2000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.15005 - Nero AG) Hidden
Nero Video (x32 Version: 15.0.23000 - Nero AG) Hidden
Nero Video Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.0.7 - Google)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Outlast Version 1.0.12046.0 (HKLM-x32\...\Outlast_is1) (Version: 1.0.12046.0 - Red Barrels)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Photomatix Pro Version 5.0.4 (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.0.4 - HDRsoft Ltd)
Pivot Software (x32 Version: 9.03.004 - Portrait Displays, Inc.) Hidden
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
PureSync (x32 Version: 3.8.1 - Jumping Bytes) Hidden
PureSync 3.8.1 (HKLM-x32\...\PureSync) (Version: 3.8.1 - Jumping Bytes)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
RadeonPro 1.0 (Build 1.1.1.0) (HKLM-x32\...\RadeonPro_is1) (Version:  - )
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
ReValver Mk III (HKLM-x32\...\ReValver Mk III_is1) (Version:  - )
ReValver Mk IIIdotV x64 (HKLM\...\ReValver Mk IIIdotV x64_is1) (Version:  - )
ROG GameFirst II v8.03 (HKLM\...\ROG GameFirst II) (Version: 8.03 - cFos Software GmbH, Bonn)
ROG RAMDisk (HKLM-x32\...\{DE8C1883-4F14-40DF-8C8C-376157ADF5A3}) (Version: 2.01.01 - ASUSTeK Computer Inc.)
SDK (x32 Version: 2.40.012 - Portrait Displays, Inc.) Hidden
Shark007 Advanced Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 4.6.4 - Shark007)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sonic Radar (HKLM\...\{4AD04041-F286-4690-8555-38F175F0B50C}) (Version: 1.0.801 - ASUSTeKcomputer.Inc)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.0.1.213 - ASUS Cloud Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2638325747-3079690321-4045576718-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Hausi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2638325747-3079690321-4045576718-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hausi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2638325747-3079690321-4045576718-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hausi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2638325747-3079690321-4045576718-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hausi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2638325747-3079690321-4045576718-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hausi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2638325747-3079690321-4045576718-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hausi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2638325747-3079690321-4045576718-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hausi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2638325747-3079690321-4045576718-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hausi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2638325747-3079690321-4045576718-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hausi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

10-09-2014 08:12:28 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
10-09-2014 08:15:26 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
10-09-2014 14:47:43 Garmin Express
10-09-2014 14:47:50 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
10-09-2014 16:01:18 Garmin Express
17-09-2014 23:18:29 Geplanter Prüfpunkt
18-09-2014 21:06:00 Installed SpyHunter
18-09-2014 21:29:23 Removed SpyHunter
18-09-2014 21:45:01 Installed SpyHunter
18-09-2014 23:55:41 Removed SpyHunter
19-09-2014 00:25:19 Removed Razer Synapse 2.0.
19-09-2014 00:25:53 Installed Razer Synapse 2.0.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-08-13 02:14 - 00005813 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 my.nero.com
127.0.0.1 secure.nero.com
127.0.0.1 activation.nero.com
127.0.0.1 Nero - CD DVD Burning, Video Editing Software, Backup Software - Official Site
127.0.0.1 Nero -
127.0.0.1 Nero -
127.0.0.1 Nero - Error2
127.0.0.1 Nero -
127.0.0.1 Nero -
127.0.0.1 Nero - Customer service and technical support
127.0.0.1 Nero - Nero Upgrade Center
127.0.0.1 Nero - Support - Customer Service - Product Registration
127.0.0.1 Nero - CD DVD Burning, Video Editing Software, Backup Software - Official Site
127.0.0.1 Nero - Error2
127.0.0.1 Nero - Support - Nero 8 - Overview
127.0.0.1 my.nero.com
127.0.0.1 secure.nero.com/us/secure.asp
127.0.0.1 activation@nero.com
127.0.0.1 registernero.com
127.0.0.1 Registernero.com
127.0.0.1 nero.com
127.0.0.1 Nero - Privacy.
127.0.0.1 legal@nero.com
127.0.0.1 support.nero.com
127.0.0.1 activate.adobe.com
127.0.0.1 192.150.14.69
127.0.0.1 192.150.18.101
127.0.0.1 192.150.18.108
127.0.0.1 192.150.22.40

There are 110 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {08ECF083-A544-4E43-87BC-97BB363BD4A1} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-08-27] (ASUSTek Computer Inc.)
Task: {1169B9F0-A0FE-4A25-AA31-91738DA977D8} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2013-07-24] ()
Task: {1E2A899B-8767-4ED9-871D-4C27B599EE71} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-27] (AVAST Software)
Task: {2B816361-414C-4C59-9AB9-93EE62EF38DE} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {36FC76CF-1871-46EC-A2B6-413B5223EE2A} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2013-08-07] (ASUSTeK Computer Inc.)
Task: {3C26770F-2B81-48C9-B2C5-226F2923E6C0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-08] (Google Inc.)
Task: {3CC07351-D7DD-44AA-9788-A56B8CDD976F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-08] (Google Inc.)
Task: {4FC94CD1-3BA6-4A68-A6B7-71C41CC37420} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {68ED2931-7185-4007-801C-84925DEF52AA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {949989AB-40A8-4B9A-9916-B26178EEABB1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {A5A0A30F-71BF-40EC-BEAB-151B16203D99} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {AFB6E6E5-5820-4B7E-A434-7413CA13C13D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {E9E35F46-8D3A-4BA2-AB9D-61D249CC6ECB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {EFEE48D6-240C-42B5-83F8-6962EFD21AA1} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2013-08-08] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-06-01 11:42 - 2012-06-01 11:42 - 00920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2014-08-15 01:26 - 2013-07-24 10:16 - 01425208 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
2014-08-15 01:25 - 2013-08-08 14:34 - 01225528 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2014-07-27 16:21 - 2014-07-27 16:21 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-19 00:18 - 2014-09-19 00:18 - 02864128 _____ () C:\Program Files\AVAST Software\Avast\defs\14091804\algo.dll
2014-09-19 22:38 - 2014-09-19 22:38 - 02864128 _____ () C:\Program Files\AVAST Software\Avast\defs\14091901\algo.dll
2014-09-19 22:38 - 2014-09-19 22:38 - 00043008 _____ () c:\users\hausi\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphcupwp.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Hausi\AppData\Roaming\Dropbox\bin\libcef.dll
2014-08-15 01:29 - 2014-09-19 22:38 - 00031232 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-08-15 01:29 - 2010-06-29 04:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-07-27 16:21 - 2014-07-27 16:21 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-15 01:26 - 2013-07-31 20:05 - 05773588 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2014-08-15 01:26 - 2010-06-21 15:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2014-08-15 01:25 - 2013-08-07 19:11 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2014-08-15 01:25 - 2013-08-08 14:41 - 02747392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2014-08-15 01:26 - 2013-08-29 15:59 - 01138176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2014-08-15 01:25 - 2013-06-04 11:41 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2014-08-15 01:25 - 2013-08-07 19:11 - 00053248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll
2014-08-15 01:25 - 2013-08-08 14:35 - 00010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\IccHelper.dll
2014-08-15 01:26 - 2012-01-19 09:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\PEInfo.dll
2014-08-15 01:25 - 2013-08-07 19:11 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ImageHelper.dll
2014-08-15 01:25 - 2013-08-07 19:11 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\pngio.dll
2014-08-15 01:25 - 2013-08-08 14:34 - 00190464 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4cTDPAction.dll
2014-08-15 01:25 - 2013-08-08 14:34 - 00685056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2014-08-15 01:25 - 2013-08-08 14:34 - 00825344 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2014-08-15 01:25 - 2013-08-08 14:34 - 00765952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2014-08-15 01:25 - 2013-08-08 14:34 - 00776704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2014-07-08 10:10 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
MSCONFIG\startupreg: MurGee.com Auto Keyboard => C:\ProgramData\Auto Keyboard\AutoKeyboard.exe :silent
MSCONFIG\startupreg: ROG GameFirst II => C:\Program Files\ASUS\ROG GameFirst II\cFosSpeed.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/19/2014 10:38:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2014 11:57:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4
Name des fehlerhaften Moduls: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000007af2
ID des fehlerhaften Prozesses: 0xea0
Startzeit der fehlerhaften Anwendung: 0xLVPrcSrv.exe0
Pfad der fehlerhaften Anwendung: LVPrcSrv.exe1
Pfad des fehlerhaften Moduls: LVPrcSrv.exe2
Berichtskennung: LVPrcSrv.exe3

Error: (09/19/2014 11:10:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2014 02:32:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4
Name des fehlerhaften Moduls: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000007af2
ID des fehlerhaften Prozesses: 0xe8c
Startzeit der fehlerhaften Anwendung: 0xLVPrcSrv.exe0
Pfad der fehlerhaften Anwendung: LVPrcSrv.exe1
Pfad des fehlerhaften Moduls: LVPrcSrv.exe2
Berichtskennung: LVPrcSrv.exe3

Error: (09/19/2014 02:32:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2014 02:31:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4
Name des fehlerhaften Moduls: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000007af2
ID des fehlerhaften Prozesses: 0xf28
Startzeit der fehlerhaften Anwendung: 0xLVPrcSrv.exe0
Pfad der fehlerhaften Anwendung: LVPrcSrv.exe1
Pfad des fehlerhaften Moduls: LVPrcSrv.exe2
Berichtskennung: LVPrcSrv.exe3

Error: (09/19/2014 02:30:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2014 02:30:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4
Name des fehlerhaften Moduls: LVPrcSrv.exe, Version: 12.10.1110.0, Zeitstempel: 0x4acc50c4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000007af2
ID des fehlerhaften Prozesses: 0xe2c
Startzeit der fehlerhaften Anwendung: 0xLVPrcSrv.exe0
Pfad der fehlerhaften Anwendung: LVPrcSrv.exe1
Pfad des fehlerhaften Moduls: LVPrcSrv.exe2
Berichtskennung: LVPrcSrv.exe3

Error: (09/19/2014 02:25:53 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "IVssAsrWriterBackup::GetDiskComponents" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070057, Falscher Parameter.
.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: ASR Writer
   Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
   Generatorname: ASR Writer
   Generatorinstanz-ID: {c4ac68f4-e046-4d6d-9cf7-e09df47f46dd}

Error: (09/19/2014 02:25:19 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "IVssAsrWriterBackup::GetDiskComponents" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070057, Falscher Parameter.
.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: ASR Writer
   Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
   Generatorname: ASR Writer
   Generatorinstanz-ID: {c4ac68f4-e046-4d6d-9cf7-e09df47f46dd}


System errors:
=============
Error: (09/19/2014 10:38:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (09/19/2014 11:57:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Process Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/19/2014 11:10:31 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (09/19/2014 02:32:43 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Process Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/19/2014 02:32:26 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (09/19/2014 02:31:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Process Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/19/2014 02:30:55 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (09/19/2014 02:30:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Process Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/19/2014 02:21:33 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (09/19/2014 02:20:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Process Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (09/19/2014 10:38:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2014 11:57:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: LVPrcSrv.exe12.10.1110.04acc50c4LVPrcSrv.exe12.10.1110.04acc50c4c00000050000000000007af2ea001cfd3e98f0084c7C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exeC:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe6387a098-3fe3-11e4-a654-e03f49866ddd

Error: (09/19/2014 11:10:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2014 02:32:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: LVPrcSrv.exe12.10.1110.04acc50c4LVPrcSrv.exe12.10.1110.04acc50c4c00000050000000000007af2e8c01cfd3a12e84a608C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exeC:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe77f33873-3f94-11e4-8970-e03f49866ddd

Error: (09/19/2014 02:32:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2014 02:31:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: LVPrcSrv.exe12.10.1110.04acc50c4LVPrcSrv.exe12.10.1110.04acc50c4c00000050000000000007af2f2801cfd3a0f84a3b4eC:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exeC:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe555c4e90-3f94-11e4-885c-e03f49866ddd

Error: (09/19/2014 02:30:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2014 02:30:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: LVPrcSrv.exe12.10.1110.04acc50c4LVPrcSrv.exe12.10.1110.04acc50c4c00000050000000000007af2e2c01cfd39fa95eca93C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exeC:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe1fbb6786-3f94-11e4-a7e6-e03f49866ddd

Error: (09/19/2014 02:25:53 AM) (Source: VSS) (EventID: 8193) (User: )
Description: IVssAsrWriterBackup::GetDiskComponents0x80070057, Falscher Parameter.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: ASR Writer
   Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
   Generatorname: ASR Writer
   Generatorinstanz-ID: {c4ac68f4-e046-4d6d-9cf7-e09df47f46dd}

Error: (09/19/2014 02:25:19 AM) (Source: VSS) (EventID: 8193) (User: )
Description: IVssAsrWriterBackup::GetDiskComponents0x80070057, Falscher Parameter.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: ASR Writer
   Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
   Generatorname: ASR Writer
   Generatorinstanz-ID: {c4ac68f4-e046-4d6d-9cf7-e09df47f46dd}


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 23%
Total physical RAM: 8129.61 MB
Available physical RAM: 6221.25 MB
Total Pagefile: 16257.4 MB
Available Pagefile: 14180.51 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.47 GB) (Free:129.12 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Volume) (Fixed) (Total:784.83 GB) (Free:520.69 GB) NTFS
Drive f: (Sicherung) (Fixed) (Total:146.48 GB) (Free:50 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 389E5E84)
Partition 1: (Active) - (Size=223.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---

Alt 20.09.2014, 00:12   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Farmaster.net nicht löschbar - Standard

Farmaster.net nicht löschbar



Hi,

das mit der illegalen Software wurde dir von den Kollegen aus dem Chip-Forum bereits erklärt => http://forum.chip.de/viren-trojaner-...r-1810649.html


Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________

__________________

Alt 20.09.2014, 00:17   #3
hausi91
 
Farmaster.net nicht löschbar - Standard

Farmaster.net nicht löschbar



ok also nero und photoshop ?
wo kann man das denn da lesen
__________________

Alt 20.09.2014, 00:32   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Farmaster.net nicht löschbar - Standard

Farmaster.net nicht löschbar



Zitat:
wo kann man das denn da lesen
Soll ich dir das echt jetzt verraten, echt jetzt?
Hast du selbst den Überblick über deine gecrackte Software verloren?
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Farmaster.net nicht löschbar
4d36e972-e325-11ce-bfc1-08002be10318, adware, antivirus, avast, branding, browser, ccsetup, computer, converter, cpu-z, defender, dvdvideosoft ltd., error, excel, failed, flash player, google, helper, iexplore.exe, lws.exe, mozilla, photoshop, problem, registry, security, services.exe, software, svchost.exe, system, teredo, usb, windows




Ähnliche Themen: Farmaster.net nicht löschbar


  1. deltafix.dll nicht löschbar!
    Plagegeister aller Art und deren Bekämpfung - 20.12.2014 (1)
  2. TR/Vawtrack.A.410 nicht löschbar
    Alles rund um Windows - 06.08.2014 (1)
  3. Schlüssel nicht löschbar
    Plagegeister aller Art und deren Bekämpfung - 28.05.2014 (2)
  4. exe Datei heruntergeladen, nicht aufgestarten, nicht löschbar
    Plagegeister aller Art und deren Bekämpfung - 04.12.2013 (1)
  5. Win XP Backupordner nicht löschbar
    Alles rund um Windows - 29.10.2013 (8)
  6. Programme nicht löschbar - Delta Search evtl. nicht sicher entfernt.
    Plagegeister aller Art und deren Bekämpfung - 26.05.2013 (17)
  7. Ask-Suche nicht löschbar+Windows Defender funktioniert nicht
    Plagegeister aller Art und deren Bekämpfung - 22.03.2013 (1)
  8. Rootkits nicht löschbar
    Plagegeister aller Art und deren Bekämpfung - 08.08.2010 (6)
  9. smss.exe nicht löschbar
    Plagegeister aller Art und deren Bekämpfung - 09.06.2009 (1)
  10. Virtumonde.sci nicht löschbar! selbst nach Neustart nicht
    Log-Analyse und Auswertung - 29.01.2009 (1)
  11. TR/Hihack.AG.2 nicht löschbar
    Plagegeister aller Art und deren Bekämpfung - 15.11.2008 (3)
  12. Malware nicht löschbar!
    Mülltonne - 21.10.2008 (0)
  13. Was ist~DF5E74.tmp? nicht löschbar!!!
    Plagegeister aller Art und deren Bekämpfung - 05.04.2007 (6)
  14. TR/PSW.PdPi.CT.1.D nicht löschbar
    Mülltonne - 25.07.2006 (1)
  15. Datei nicht löschbar
    Plagegeister aller Art und deren Bekämpfung - 20.02.2006 (10)
  16. Trojaner nicht löschbar
    Plagegeister aller Art und deren Bekämpfung - 12.03.2005 (2)
  17. Backdoor nicht löschbar!
    Plagegeister aller Art und deren Bekämpfung - 18.03.2003 (25)

Zum Thema Farmaster.net nicht löschbar - hallo forum ich habe folgendes problem wenn ich mein pc starte öffnet sich in chrome immer farmaster.net ich bekomme es einfach nicht weg ich suche seit tagen nach einer lösung - Farmaster.net nicht löschbar...
Archiv
Du betrachtest: Farmaster.net nicht löschbar auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.