
Log analysis and evaluation: Windows 7 does not boot after virus infection

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

22.09.2014, 15:57   #1
Alfred1952
 
Hello!
After clicking on a video on Facebook, there was a very loud siren-like sound and the screen went black. The keyboard no longer responded, and the loud sound could only be stopped by removing the battery.
Since then the system no longer boots. I have a paid Avast antivirus program installed.
I am attaching the log file and ask for it to be processed and for a reply.
Best regards,
Alfred
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-09-2014 01
Ran by SYSTEM on MININT-KS0PELL on 22-09-2014 21:05:39
Running from h:\
Platform: Windows 7 Home Premium (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9222760 2010-06-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1481320 2010-06-02] (Realtek Semiconductor)
HKLM\...\Run: [HotkeyApp] => C:\Program Files\Launch Manager\HotkeyApp.exe [200704 2009-12-14] (Wistron)
HKLM\...\Run: [LMgrVolOSD] => C:\Program Files\Launch Manager\OSD.exe [348960 2009-12-11] (Wistron Corp.)
HKLM\...\Run: [Wbutton] => C:\Program Files\Launch Manager\Wbutton.exe [436264 2010-06-21] (Wistron Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [NBKeyScan] => C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-02-18] (Nero AG)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-30] (Apple Inc.)
HKLM\...\Run: [NPSStartup] => [X]
HKLM\...\Run: [autodetect] => C:\Program Files\Cyrus\AutoDect.exe [129872 2010-11-24] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4085896 2014-07-29] (AVAST Software)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-02] (CANON INC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-08-31] (Apple Inc.)
HKU\Alfred\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1828136 2008-02-28] (Nero AG)
HKU\Alfred\...\Policies\system: [LogonHoursAction] 2
HKU\Alfred\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Alfred\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\Default\...\RunOnce: [Screensaver] => C:\Windows\Web\Wallpaper\MEDION\start.vbs
HKU\Default User\...\RunOnce: [Screensaver] => C:\Windows\Web\Wallpaper\MEDION\start.vbs
HKU\UpdatusUser\...\RunOnce: [Screensaver] => C:\Windows\Web\Wallpaper\MEDION\start.vbs
Startup: C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-07-09] (AVAST Software)
S2 avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [106488 2014-07-09] (AVAST Software)
S2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
S2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [244904 2010-02-12] ()
S3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118560 2009-10-22] (Wistron Corp.)
S2 WTGService; C:\Program Files\3DataManager\WTGService.exe [312784 2009-11-06] ()
S2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2009-11-07] (X10)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2011-11-30] (Protect Software GmbH)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-09] ()
S1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-07-09] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-09] (AVAST Software)
S0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [270752 2014-07-09] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-07-09] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2014-07-09] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-07-09] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-09] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-07-09] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [192352 2014-07-09] ()
S0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [47456 2014-03-10] (Baidu, Inc.)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] ()
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [8320 2007-03-08] (GARMIN Corp.)
S0 iviVD; C:\Windows\System32\DRIVERS\iviVD.sys [45056 2005-11-16] (InterVideo)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-28] (Initio Corporation)
S3 MosIrUsb; C:\Windows\System32\DRIVERS\MosIrUsb.sys [22016 2007-10-11] ()
S3 NPF; C:\Windows\System32\drivers\npf.sys [34064 2007-11-06] (CACE Technologies)
S3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [64904 2010-04-26] (Renesas Electronics Corporation)
S3 nusb3xhc; C:\Windows\system32\DRIVERS\nusb3xhc.sys [146568 2010-04-26] (Renesas Electronics Corporation)
S0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [25376 2013-09-04] (NVIDIA Corporation)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [181432 2011-12-07] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-08-01] (AnchorFree Inc)
S3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13720 2009-05-13] (X10 Wireless Technology, Inc.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27160 2009-05-13] (X10 Wireless Technology, Inc.)
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 cpuz132; \??\C:\Users\Alfred\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 Huawei; system32\DRIVERS\ewdcsc.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 mod7700; system32\DRIVERS\mod7700.sys [X]
S3 PCFApiUtil; \??\C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys [X]
S3 Profos; \??\C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys [X]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1a\WNt500x86\Sandra.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 21:05 - 2014-09-22 21:05 - 00000000 ____D () C:\FRST
2014-09-17 21:07 - 2014-09-17 21:10 - 00001750 _____ () C:\Windows\System32\iCMS.dat
2014-09-17 20:54 - 2014-09-17 20:54 - 00002559 _____ () C:\Users\Public\Desktop\iCMS.lnk
2014-09-17 20:54 - 2014-09-17 20:54 - 00000000 ____D () C:\Program Files\iCMS
2014-09-12 04:07 - 2014-09-12 04:07 - 00001717 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-12 04:06 - 2014-09-12 04:07 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-09-10 12:13 - 2014-08-19 09:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-09-10 12:13 - 2014-08-18 14:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-09-10 12:13 - 2014-08-18 14:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-09-10 12:13 - 2014-08-18 13:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-09-10 12:13 - 2014-08-18 13:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-09-10 12:13 - 2014-08-18 13:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-09-10 12:13 - 2014-08-18 13:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-09-10 12:13 - 2014-08-18 13:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2014-09-10 12:13 - 2014-08-18 13:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-09-10 12:13 - 2014-08-18 13:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-09-10 12:13 - 2014-08-18 13:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-09-10 12:13 - 2014-08-18 13:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-09-10 12:13 - 2014-08-18 13:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-09-10 12:13 - 2014-08-18 13:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-09-10 12:13 - 2014-08-18 13:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-09-10 12:13 - 2014-08-18 13:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-09-10 12:13 - 2014-08-18 13:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-09-10 12:13 - 2014-08-18 13:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-09-10 12:13 - 2014-08-18 13:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-09-10 12:13 - 2014-08-18 13:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-09-10 12:13 - 2014-08-18 13:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-09-10 12:13 - 2014-08-18 13:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-09-10 12:13 - 2014-08-18 13:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-09-10 12:13 - 2014-08-18 13:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-09-10 12:13 - 2014-08-18 13:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-09-10 12:13 - 2014-08-18 13:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-09-10 12:13 - 2014-08-18 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-09-10 12:13 - 2014-08-18 12:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-09-10 12:13 - 2014-08-18 12:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-09-10 12:13 - 2014-08-18 12:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-09-10 12:13 - 2014-06-26 17:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2014-09-10 05:40 - 2014-07-06 17:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2014-09-10 05:40 - 2014-07-06 17:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2014-09-10 05:14 - 2014-06-23 18:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2014-09-10 04:54 - 2014-09-04 17:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-09-10 04:54 - 2014-09-04 17:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-09-10 04:54 - 2014-08-01 03:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\System32\TSWorkspace.dll
2014-08-30 08:12 - 2014-09-04 01:32 - 00000000 ____D () C:\Users\Alfred\Desktop\Neuer Ordner
2014-08-28 02:45 - 2014-08-22 17:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2014-08-28 02:45 - 2014-08-22 16:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 21:05 - 2014-09-22 21:05 - 00000000 ____D () C:\FRST
2014-09-19 09:22 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\LogFiles
2014-09-18 06:33 - 2010-07-06 12:23 - 01619272 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-09-18 06:15 - 2014-01-07 06:18 - 00000000 ____D () C:\Program Files\Opera
2014-09-18 05:19 - 2010-10-28 04:44 - 02009202 _____ () C:\Windows\WindowsUpdate.log
2014-09-17 21:10 - 2014-09-17 21:07 - 00001750 _____ () C:\Windows\System32\iCMS.dat
2014-09-17 20:54 - 2014-09-17 20:54 - 00002559 _____ () C:\Users\Public\Desktop\iCMS.lnk
2014-09-17 20:54 - 2014-09-17 20:54 - 00000000 ____D () C:\Program Files\iCMS
2014-09-16 19:41 - 2013-03-27 22:59 - 00083456 ___SH () C:\Users\Alfred\Thumbs.db
2014-09-15 20:38 - 2009-07-13 20:34 - 00018928 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-15 20:38 - 2009-07-13 20:34 - 00018928 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-12 04:07 - 2014-09-12 04:07 - 00001717 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-12 04:07 - 2014-09-12 04:06 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-09-12 04:07 - 2010-11-18 03:07 - 00000000 ____D () C:\Program Files\iTunes
2014-09-12 04:06 - 2010-11-18 03:07 - 00000000 ____D () C:\Program Files\iPod
2014-09-10 18:05 - 2014-07-07 18:20 - 00000000 ____D () C:\Users\Alfred\Desktop\SCAN
2014-09-10 17:05 - 2014-05-08 02:12 - 00000000 ___RD () C:\Users\Alfred\Dropbox
2014-09-10 17:05 - 2014-05-08 02:09 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\Dropbox
2014-09-10 12:42 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-10 12:31 - 2014-04-26 05:08 - 00004851 _____ () C:\Windows\setupact.log
2014-09-10 12:31 - 2010-08-08 21:02 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-10 12:13 - 2013-08-13 17:04 - 00000000 ____D () C:\Windows\System32\MRT
2014-09-10 12:07 - 2010-07-06 13:03 - 98758480 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-09-10 12:06 - 2014-05-06 12:01 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-09-10 12:06 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\de-DE
2014-09-10 06:45 - 2014-01-07 08:00 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2014-09-10 06:45 - 2014-01-07 08:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2014-09-09 08:01 - 2011-12-05 02:26 - 00000000 ____D () C:\Users\Alfred\Desktop\Bali
2014-09-05 18:26 - 2014-07-04 01:35 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-04 17:52 - 2014-09-10 04:54 - 00445952 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-09-04 17:47 - 2014-09-10 04:54 - 00302592 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-09-04 01:32 - 2014-08-30 08:12 - 00000000 ____D () C:\Users\Alfred\Desktop\Neuer Ordner
2014-08-28 12:19 - 2009-07-13 20:33 - 00891864 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-08-25 01:34 - 2014-08-21 06:19 - 00000000 ____D () C:\Users\Alfred\Desktop\Musik BKK 2014
2014-08-24 22:56 - 2010-10-30 01:00 - 00000000 ____D () C:\Users\Alfred\Desktop\Sonne
2014-08-24 19:19 - 2009-07-13 20:52 - 00000000 ____D () C:\Windows\System32\FxsTmp
2014-08-24 18:53 - 2014-04-23 01:47 - 00000000 ____D () C:\Users\Alfred\Downloads\Alfred privat
2014-08-24 15:53 - 2010-07-06 13:02 - 00231584 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe

Files to move or delete:
====================
C:\Users\Alfred\FreeYouTubeToMp3Converter_3.9.exe


Some content of TEMP:
====================
C:\Users\Alfred\AppData\Local\Temp\amazonicon_v4.exe
C:\Users\Alfred\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\Alfred\AppData\Local\Temp\AMPing.exe
C:\Users\Alfred\AppData\Local\Temp\Baidu_Secure_SystemUp_4.0.5.64367.exe
C:\Users\Alfred\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\Alfred\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpx2kh9k.dll
C:\Users\Alfred\AppData\Local\Temp\ICReinstall_FreeYouTubeDownload (4).exe
C:\Users\Alfred\AppData\Local\Temp\ICReinstall_FreeYouTubeDownload.exe
C:\Users\Alfred\AppData\Local\Temp\ICReinstall_FreeYouTubeToMP3Converter (3).exe
C:\Users\Alfred\AppData\Local\Temp\InstallManager_BAB_BAB.exe
C:\Users\Alfred\AppData\Local\Temp\install_flashplayer13x32_mssd_awb_aih (2).exe
C:\Users\Alfred\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Alfred\AppData\Local\Temp\OptimizerPro_20140120.exe
C:\Users\Alfred\AppData\Local\Temp\ose00001.exe
C:\Users\Alfred\AppData\Local\Temp\ose00002.exe
C:\Users\Alfred\AppData\Local\Temp\ResetDevice.exe
C:\Users\Alfred\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Alfred\AppData\Local\Temp\sdapskill.exe
C:\Users\Alfred\AppData\Local\Temp\sdaspwn.exe
C:\Users\Alfred\AppData\Local\Temp\_is3284.exe
C:\Users\Alfred\AppData\Local\Temp\_is6316.exe
C:\Users\Alfred\AppData\Local\Temp\_is6509.exe
C:\Users\Alfred\AppData\Local\Temp\_is7291.exe
C:\Users\Alfred\AppData\Local\Temp\_isA211.exe
C:\Users\Alfred\AppData\Local\Temp\_isE986.exe
C:\Users\Alfred\AppData\Local\Temp\_isFFA3.exe


==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points =========================


==================== Memory info =========================== 

Percentage of memory in use: 13%
Total physical RAM: 3893.42 MB
Available physical RAM: 3371.69 MB
Total Pagefile: 3891.7 MB
Available Pagefile: 3380.8 MB
Total Virtual: 2047.88 MB
Available Virtual: 1949.71 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:565.07 GB) (Free:71.83 GB) NTFS
Drive e: (Recover) (Fixed) (Total:30 GB) (Free:9.58 GB) NTFS
Drive h: (TRANSCEND) (Removable) (Total:3.76 GB) (Free:2.42 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=565.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 3.8 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.8 GB) - (Type=0B)


LastRegBack: 2014-09-15 20:52

==================== End Of Log ============================
         
--- --- ---

22.09.2014, 16:10   #2
schrauber
/// the machine
/// TB trainer
 

Hi,

What exactly happens on a normal boot? Does one of the Safe Modes work? Last Known Good Config? System Restore?

23.09.2014, 14:15   #3
Alfred1952
 
Hello!
It is a complete mystery to me, but my laptop started normally this morning.
I immediately ran a thorough check with my antivirus program.
2 threats were found:
C:\hitradiorecorder5_setup(1).exe
C:\dslradiorecorder2.0_up.exe

Severity: high
Status: Threat: Win32: Adware-gen ---- moved to container.

Is my problem now solved, or should I do anything else?
Many thanks
Alfred

24.09.2014, 10:35   #4
schrauber
/// the machine
/// TB trainer
 

Then now in normal mode:

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files will now be created and will then be located on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)

Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

24.09.2014, 14:56   #5
Alfred1952
 

LOGFILE
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-09-2014
Ran by Alfred (administrator) on ALFRED-PC on 24-09-2014 21:43:46
Running from H:\
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\afwServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
() C:\Program Files\3DataManager\WTGService.exe
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WButton.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Cyrus\AutoDect.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Dropbox, Inc.) C:\Users\Alfred\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMSWCS.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Opera Software) C:\Program Files\Opera\24.0.1558.61\opera.exe
() C:\Program Files\Opera\24.0.1558.61\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\24.0.1558.61\opera.exe
(Opera Software) C:\Program Files\Opera\24.0.1558.61\opera.exe
(Opera Software) C:\Program Files\Opera\24.0.1558.61\opera.exe
(Opera Software) C:\Program Files\Opera\24.0.1558.61\opera.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-03] (CyberLink)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9222760 2010-06-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1481320 2010-06-02] (Realtek Semiconductor)
HKLM\...\Run: [HotkeyApp] => C:\Program Files\Launch Manager\HotkeyApp.exe [200704 2009-12-15] (Wistron)
HKLM\...\Run: [LMgrVolOSD] => C:\Program Files\Launch Manager\OSD.exe [348960 2009-12-12] (Wistron Corp.)
HKLM\...\Run: [Wbutton] => C:\Program Files\Launch Manager\Wbutton.exe [436264 2010-06-22] (Wistron Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664 2009-12-11] (Synaptics Incorporated)
HKLM\...\Run: [NBKeyScan] => C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-02-18] (Nero AG)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [NPSStartup] => [X]
HKLM\...\Run: [autodetect] => C:\Program Files\Cyrus\AutoDect.exe [129872 2010-11-24] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4085896 2014-07-30] (AVAST Software)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKU\S-1-5-21-3347884753-1447943151-867403944-1000\...\RunOnce: [Screensaver] => C:\Windows\Web\Wallpaper\MEDION\start.vbs
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1828136 2008-02-28] (Nero AG)
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: E - E:\autorun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: H - H:\AutoRun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {13055396-82ef-11e1-bc9f-00262dc1d311} - G:\Autorun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {145222eb-0d63-11e1-b4d9-00262dc1d311} - F:\AutoRun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {1452231b-0d63-11e1-b4d9-00262dc1d311} - F:\AutoRun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {17412682-e3c5-11df-b56e-485d6026f9df} - F:\AutoRun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {20694026-0e4e-11e1-854b-00262dc1d311} - F:\AutoRun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {2be10487-03f4-11e1-abfa-00262dc1d311} - F:\AutoRun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {2d4dcacc-e291-11df-b5a6-485d6026f9df} - F:\AutoRun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {2d4dce82-e291-11df-b5a6-485d6026f9df} - F:\AutoRun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {569247f0-343c-11e3-8045-00262dc1d311} - "G:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {5c8089e1-97be-11e2-819b-00262dc1d311} - G:\AutoRun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {830a0c62-cf05-11e2-bb97-00262dc1d311} - H:\Autorun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {8c117c44-87cb-11e1-983c-485d6026f9df} - J:\AutoRun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {987ff4b7-a23c-11e2-aabd-485d6026f9df} - G:\AutoRun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {a188012e-64d4-11e3-8222-00262dc1d311} - "G:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {b4007448-6a4d-11e3-b534-00262dc1d311} - G:\AutoRun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {b4007485-6a4d-11e3-b534-00262dc1d311} - G:\AutoRun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {d04b0c1c-2df6-11e0-b804-00262dc1d311} - F:\AutoRun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {d04b0c1e-2df6-11e0-b804-00262dc1d311} - I:\AutoRun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {d0a9a05e-98ee-11e2-8bba-00262dc1d311} - G:\AutoRun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {df1be719-d6b5-11e2-8133-00262dc1d311} - G:\AutoRun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {df1be724-d6b5-11e2-8133-00262dc1d311} - G:\AutoRun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {f7c8efe6-0e21-11e1-b712-00262dc1d311} - H:\AutoRun.exe
HKU\S-1-5-21-3347884753-1447943151-867403944-1001\...\MountPoints2: {f7f57be8-45bd-11e2-aa61-806e6f6e6963} - G:\AutoRun.exe
Startup: C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Alfred\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: 69.31.101.205:80
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://medion.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.aldi.com
HKCU\Software\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} -  No File
URLSearchHook: HKLM - (No Name) - {7e111a5c-3d11-4f56-9463-5310c3c69025} -  No File
URLSearchHook: HKLM - (No Name) - {26647ca4-a2a7-4eac-8a72-761aa9141de7} -  No File
URLSearchHook: HKCU - (No Name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -  No File
URLSearchHook: HKCU - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} -  No File
URLSearchHook: HKCU - (No Name) - {7e111a5c-3d11-4f56-9463-5310c3c69025} -  No File
URLSearchHook: HKCU - (No Name) - {26647ca4-a2a7-4eac-8a72-761aa9141de7} -  No File
URLSearchHook: HKCU - (No Name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} -  No File
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2325506
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_ss_wls&mntrId=1E6B485D6026F9DF&affID=121565&tsp=5015
SearchScopes: HKCU - BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_ss_wls&mntrId=1E6B485D6026F9DF&affID=121565&tsp=5015
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80195&lng=de
SearchScopes: HKCU - {D8E89A4C-C527-4624-8D43-3B9231BE8C7A} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=C20E6A7C-23C4-45DF-BDFF-0D9171DAA3A1&apn_sauid=D879AD70-BC7B-4C15-90A6-4991E6D6AFE5&
BHO: No Name -> {26647ca4-a2a7-4eac-8a72-761aa9141de7} ->  No File
BHO: No Name -> {2EECD738-5844-4a99-B4B6-146BF802613B} ->  No File
BHO: No Name -> {30F9B915-B755-4826-820B-08FBA6BD249D} ->  No File
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO: No Name -> {7e111a5c-3d11-4f56-9463-5310c3c69025} ->  No File
BHO: No Name -> {872b5b88-9db5-4310-bdd0-ac189557e5f5} ->  No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} ->  No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - No Name - {872b5b88-9db5-4310-bdd0-ac189557e5f5} -  No File
Toolbar: HKLM - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} -  No File
Toolbar: HKLM - No Name - {7e111a5c-3d11-4f56-9463-5310c3c69025} -  No File
Toolbar: HKLM - No Name - {26647ca4-a2a7-4eac-8a72-761aa9141de7} -  No File
Toolbar: HKLM - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
Toolbar: HKCU - No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} -  No File
Toolbar: HKCU - No Name - {7E111A5C-3D11-4F56-9463-5310C3C69025} -  No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin: @EDVR/WebClient -> C:\windows\system32\WebClient\npwebclient.dll (Google)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @doubletwist.com/NPPodcast -> C:\Program Files\Common Files\doubleTwist\NPPodcast.dll No File
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Alfred\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\3-addons\addon
FF Extension: 3DataManager BM - C:\Program Files\3-addons\addon [2011-11-14]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-05-27]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff

Chrome: 
=======
CHR StartupUrls: Default -> "www.google.com"
CHR CustomProfile: C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (avast! Online Security) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-19]
CHR Extension: (CPDD-Blossom) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlialpgnoagkdecfaggejocpfdbommon [2014-01-06]
CHR Extension: (Skype Click to Call) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-11-09]
CHR Extension: (Amazon-Icon) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg [2014-08-29]
CHR Extension: (Google Wallet) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-09]
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\Alfred\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx []
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-07-10]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]
CHR HKLM\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Alfred\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2014-02-27]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-02-27]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-07-10] (AVAST Software)
R2 avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [106488 2014-07-10] (AVAST Software)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-15] ()
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [244904 2010-02-12] () [File not signed]
R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118560 2009-10-23] (Wistron Corp.)
R2 WTGService; C:\Program Files\3DataManager\WTGService.exe [312784 2009-11-07] ()
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2009-11-07] (X10) [File not signed]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2011-11-30] (Protect Software GmbH) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-10] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-07-10] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-10] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [270752 2014-07-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-07-10] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-07-10] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-07-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-07-10] (AVAST Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-07-10] ()
R0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [47456 2014-03-11] (Baidu, Inc.)
U0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [22528 2009-02-20] (Bytemobile, Inc.) [File not signed]
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [File not signed]
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [8320 2007-03-09] (GARMIN Corp.)
R0 iviVD; C:\Windows\System32\DRIVERS\iviVD.sys [45056 2005-11-16] (InterVideo)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
S3 MosIrUsb; C:\Windows\System32\DRIVERS\MosIrUsb.sys [22016 2007-10-11] ()
S3 NPF; C:\Windows\System32\drivers\npf.sys [34064 2007-11-07] (CACE Technologies)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [64904 2010-04-27] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\system32\DRIVERS\nusb3xhc.sys [146568 2010-04-27] (Renesas Electronics Corporation)
R0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [25376 2013-09-05] (NVIDIA Corporation)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [181432 2011-12-08] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-08-02] (AnchorFree Inc)
S1 tcpipBM; C:\Windows\system32\Drivers\tcpipBM.sys [18816 2009-02-20] (Bytemobile, Inc.) [File not signed]
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13720 2009-05-14] (X10 Wireless Technology, Inc.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27160 2009-05-14] (X10 Wireless Technology, Inc.)
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 cpuz132; \??\C:\Users\Alfred\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 Huawei; system32\DRIVERS\ewdcsc.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 mod7700; system32\DRIVERS\mod7700.sys [X]
S3 PCFApiUtil; \??\C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys [X]
S3 Profos; \??\C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys [X]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1a\WNt500x86\Sandra.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-24 13:58 - 2014-09-24 13:58 - 00002181 _____ () C:\Users\Public\Desktop\Free MP4 Video Converter.lnk
2014-09-24 13:58 - 2014-09-24 13:58 - 00001161 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-09-24 13:58 - 2014-09-24 13:58 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-09-24 13:56 - 2014-09-24 13:56 - 00001349 _____ () C:\Users\Alfred\Desktop\FreeMP4VideoConverter5.0.48.922 - Verknüpfung.lnk
2014-09-24 13:26 - 2014-09-24 14:19 - 17804953 _____ (DVDVideoSoft Ltd. ) C:\Users\Alfred\Downloads\FreeMP4VideoConverter5.0.48.922 (1).exe.opdownload
2014-09-24 13:26 - 2014-09-24 13:48 - 28679360 _____ (DVDVideoSoft Ltd. ) C:\Users\Alfred\Downloads\FreeMP4VideoConverter5.0.48.922.exe
2014-09-23 12:05 - 2014-09-24 21:43 - 00000000 ____D () C:\FRST
2014-09-18 12:07 - 2014-09-23 22:04 - 00001750 _____ () C:\Windows\system32\iCMS.dat
2014-09-18 11:54 - 2014-09-18 11:54 - 00002559 _____ () C:\Users\Public\Desktop\iCMS.lnk
2014-09-18 11:54 - 2014-09-18 11:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCMS
2014-09-18 11:54 - 2014-09-18 11:54 - 00000000 ____D () C:\Program Files\iCMS
2014-09-12 19:07 - 2014-09-12 19:07 - 00001717 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-12 19:07 - 2014-09-12 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-12 19:06 - 2014-09-12 19:07 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-09-11 03:13 - 2014-08-20 00:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 03:13 - 2014-08-19 05:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 03:13 - 2014-08-19 05:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 03:13 - 2014-08-19 04:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 03:13 - 2014-08-19 04:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 03:13 - 2014-08-19 04:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 03:13 - 2014-08-19 04:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 03:13 - 2014-08-19 04:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 03:13 - 2014-08-19 04:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 03:13 - 2014-08-19 04:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 03:13 - 2014-08-19 04:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 03:13 - 2014-08-19 04:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 03:13 - 2014-08-19 04:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 03:13 - 2014-08-19 04:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 03:13 - 2014-08-19 04:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 03:13 - 2014-08-19 04:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 03:13 - 2014-08-19 04:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 03:13 - 2014-08-19 04:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 03:13 - 2014-08-19 04:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 03:13 - 2014-08-19 04:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 03:13 - 2014-08-19 04:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 03:13 - 2014-08-19 04:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 03:13 - 2014-08-19 04:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 03:13 - 2014-08-19 04:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 03:13 - 2014-08-19 04:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 03:13 - 2014-08-19 04:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 03:13 - 2014-08-19 04:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 03:13 - 2014-08-19 03:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 03:13 - 2014-08-19 03:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 03:13 - 2014-08-19 03:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 03:13 - 2014-06-27 08:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 20:40 - 2014-07-07 08:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 20:40 - 2014-07-07 08:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 20:14 - 2014-06-24 09:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 19:54 - 2014-09-05 08:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 19:54 - 2014-09-05 08:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 19:54 - 2014-08-01 18:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-08-30 23:12 - 2014-09-04 16:32 - 00000000 ____D () C:\Users\Alfred\Desktop\Neuer Ordner
2014-08-28 17:45 - 2014-08-23 08:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 17:45 - 2014-08-23 07:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-25 13:54 - 2014-08-25 13:54 - 00002169 _____ () C:\Users\Alfred\Eigene Dateien Alfred\Documents\Mein Film.wlmp
2014-08-25 10:18 - 2014-08-25 10:19 - 00000000 ____D () C:\Users\Alfred\Eigene Dateien Alfred\Documents\Fax

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-24 21:44 - 2010-11-09 18:28 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-24 21:43 - 2014-09-23 12:05 - 00000000 ____D () C:\FRST
2014-09-24 21:43 - 2014-06-02 23:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-24 21:42 - 2010-07-07 03:23 - 01619272 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-24 21:41 - 2012-10-02 22:06 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3347884753-1447943151-867403944-1001Core.job
2014-09-24 21:36 - 2010-11-09 18:28 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-24 21:35 - 2012-10-02 22:06 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3347884753-1447943151-867403944-1001UA.job
2014-09-24 21:35 - 2010-10-28 19:44 - 02091127 _____ () C:\Windows\WindowsUpdate.log
2014-09-24 14:23 - 2011-12-01 03:37 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\GetRightToGo
2014-09-24 14:19 - 2014-09-24 13:26 - 17804953 _____ (DVDVideoSoft Ltd. ) C:\Users\Alfred\Downloads\FreeMP4VideoConverter5.0.48.922 (1).exe.opdownload
2014-09-24 13:58 - 2014-09-24 13:58 - 00002181 _____ () C:\Users\Public\Desktop\Free MP4 Video Converter.lnk
2014-09-24 13:58 - 2014-09-24 13:58 - 00001161 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-09-24 13:58 - 2014-09-24 13:58 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-09-24 13:58 - 2011-11-15 18:47 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\DVDVideoSoft
2014-09-24 13:58 - 2010-11-24 04:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-24 13:58 - 2010-11-24 04:53 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-09-24 13:56 - 2014-09-24 13:56 - 00001349 _____ () C:\Users\Alfred\Desktop\FreeMP4VideoConverter5.0.48.922 - Verknüpfung.lnk
2014-09-24 13:48 - 2014-09-24 13:26 - 28679360 _____ (DVDVideoSoft Ltd. ) C:\Users\Alfred\Downloads\FreeMP4VideoConverter5.0.48.922.exe
2014-09-23 22:04 - 2014-09-18 12:07 - 00001750 _____ () C:\Windows\system32\iCMS.dat
2014-09-23 22:03 - 2011-12-05 17:26 - 00000000 ____D () C:\Users\Alfred\Desktop\Bali
2014-09-23 21:28 - 2009-07-14 11:34 - 00018928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-23 21:28 - 2009-07-14 11:34 - 00018928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-23 21:25 - 2012-11-12 22:45 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-23 21:21 - 2014-05-08 17:12 - 00000000 ___RD () C:\Users\Alfred\Dropbox
2014-09-23 21:21 - 2014-05-08 17:09 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\Dropbox
2014-09-23 21:19 - 2014-04-26 20:08 - 00004963 _____ () C:\Windows\setupact.log
2014-09-23 21:19 - 2010-12-19 19:41 - 00000310 _____ () C:\Windows\Tasks\WinMaximizer-Alfred-Startup.job
2014-09-23 21:19 - 2010-08-09 12:02 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-23 21:19 - 2009-07-14 11:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-23 15:26 - 2014-05-08 17:10 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-20 00:22 - 2009-07-14 09:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-09-18 21:15 - 2014-01-07 21:18 - 00000000 ____D () C:\Program Files\Opera
2014-09-18 11:54 - 2014-09-18 11:54 - 00002559 _____ () C:\Users\Public\Desktop\iCMS.lnk
2014-09-18 11:54 - 2014-09-18 11:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCMS
2014-09-18 11:54 - 2014-09-18 11:54 - 00000000 ____D () C:\Program Files\iCMS
2014-09-17 10:41 - 2013-03-28 13:59 - 00083456 ___SH () C:\Users\Alfred\Thumbs.db
2014-09-15 09:06 - 2010-07-07 04:02 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-12 19:07 - 2014-09-12 19:07 - 00001717 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-12 19:07 - 2014-09-12 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-12 19:07 - 2014-09-12 19:06 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-09-12 19:07 - 2010-11-18 18:07 - 00000000 ____D () C:\Program Files\iTunes
2014-09-12 19:06 - 2010-11-18 18:07 - 00000000 ____D () C:\Program Files\iPod
2014-09-11 09:05 - 2014-07-08 09:20 - 00000000 ____D () C:\Users\Alfred\Desktop\SCAN
2014-09-11 03:42 - 2009-07-14 09:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-11 03:13 - 2013-08-14 08:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 03:07 - 2010-07-07 04:03 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 03:06 - 2014-05-07 03:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-11 03:06 - 2009-07-14 09:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-09-10 21:45 - 2014-01-07 23:00 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-10 21:45 - 2014-01-07 23:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-06 09:26 - 2014-07-04 16:35 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-05 08:52 - 2014-09-10 19:54 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 08:47 - 2014-09-10 19:54 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 16:32 - 2014-08-30 23:12 - 00000000 ____D () C:\Users\Alfred\Desktop\Neuer Ordner
2014-08-29 03:19 - 2009-07-14 11:33 - 00891864 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-25 16:34 - 2014-08-21 21:19 - 00000000 ____D () C:\Users\Alfred\Desktop\Musik BKK 2014
2014-08-25 13:56 - 2010-10-30 16:00 - 00000000 ____D () C:\Users\Alfred\Desktop\Sonne
2014-08-25 13:54 - 2014-08-25 13:54 - 00002169 _____ () C:\Users\Alfred\Eigene Dateien Alfred\Documents\Mein Film.wlmp
2014-08-25 10:19 - 2014-08-25 10:18 - 00000000 ____D () C:\Users\Alfred\Eigene Dateien Alfred\Documents\Fax
2014-08-25 10:19 - 2009-07-14 11:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-08-25 09:53 - 2014-04-23 16:47 - 00000000 ____D () C:\Users\Alfred\Downloads\Alfred privat

Files to move or delete:
====================
C:\Users\Alfred\FreeYouTubeToMp3Converter_3.9.exe


Some content of TEMP:
====================
C:\Users\Alfred\AppData\Local\Temp\amazonicon_v4.exe
C:\Users\Alfred\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\Alfred\AppData\Local\Temp\AMPing.exe
C:\Users\Alfred\AppData\Local\Temp\Baidu_Secure_SystemUp_4.0.5.64367.exe
C:\Users\Alfred\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\Alfred\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpw9nfov.dll
C:\Users\Alfred\AppData\Local\Temp\ICReinstall_FreeYouTubeDownload (4).exe
C:\Users\Alfred\AppData\Local\Temp\ICReinstall_FreeYouTubeDownload.exe
C:\Users\Alfred\AppData\Local\Temp\ICReinstall_FreeYouTubeToMP3Converter (3).exe
C:\Users\Alfred\AppData\Local\Temp\InstallManager_BAB_BAB.exe
C:\Users\Alfred\AppData\Local\Temp\install_flashplayer13x32_mssd_awb_aih (2).exe
C:\Users\Alfred\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Alfred\AppData\Local\Temp\OptimizerPro_20140120.exe
C:\Users\Alfred\AppData\Local\Temp\ose00001.exe
C:\Users\Alfred\AppData\Local\Temp\ose00002.exe
C:\Users\Alfred\AppData\Local\Temp\ResetDevice.exe
C:\Users\Alfred\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Alfred\AppData\Local\Temp\sdapskill.exe
C:\Users\Alfred\AppData\Local\Temp\sdaspwn.exe
C:\Users\Alfred\AppData\Local\Temp\_is3284.exe
C:\Users\Alfred\AppData\Local\Temp\_is6316.exe
C:\Users\Alfred\AppData\Local\Temp\_is6509.exe
C:\Users\Alfred\AppData\Local\Temp\_is7291.exe
C:\Users\Alfred\AppData\Local\Temp\_isA211.exe
C:\Users\Alfred\AppData\Local\Temp\_isE986.exe
C:\Users\Alfred\AppData\Local\Temp\_isFFA3.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 11:52

==================== End Of Log ============================
         
--- --- ---

ADDITIONAL TXT FILE

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-09-2014
Ran by Alfred at 2014-09-24 21:44:59
Running from H:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DataManager (HKLM\...\3DataManager) (Version: 2.2 - 3DataManager)
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat 4.0 (HKLM\...\Adobe Acrobat 4.0) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.9.0.1030 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
AllDup 3.3.12 (HKLM\...\AllDup_is1) (Version: 3.3.12 - Michael Thummerer Software Design)
AoA Audio Extractor (HKLM\...\{D1725D54-279A-40C5-A70D-23C1785DB920}_is1) (Version: - AoAMedia.com)
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C0CC75CD-F5B7-46AD-B016-17C0F5171718}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio (HKLM\...\Ashampoo Burning Studio_is1) (Version: 9.23.0 - ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM\...\Ashampoo Photo Commander_is1) (Version: 8.1.0 - ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM\...\Ashampoo Snap_is1) (Version: 3.4.0 - ashampoo GmbH & Co. KG)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.27 - Atheros Communications Inc.)
avast! Internet Security (HKLM\...\avast) (Version: 9.0.2021 - AVAST Software)
bob internet (Version: 1.0.0.139 - mobilkom austria AG) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: - )
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon iP2700 series Benutzerregistrierung (HKLM\...\Canon iP2700 series Benutzerregistrierung) (Version: - )
Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version: - )
Canon MP230 series Benutzerregistrierung (HKLM\...\Canon MP230 series Benutzerregistrierung) (Version: - Canon Inc.‎)
Canon MP230 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP230_series) (Version: 1.00 - Canon Inc.)
Canon MP230 series On-screen Manual (HKLM\...\Canon MP230 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version: - )
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
ClaroInstaller (HKLM\...\{069B290F-5398-4629-A009-85B4BCB4B1B9}) (Version: 1.0.0.1 - Claro)
Conduit Engine (HKLM\...\conduitEngine) (Version: 6.2.2.4 - Conduit Ltd.) <==== ATTENTION
ControlCenter (HKLM\...\{E5EDA1E6-5FDD-4B29-8399-6022B81C3A7C}) (Version: - )
CorelDRAW Essentials 4 - Content (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version: - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version: - Corel Corporation)
CorelDRAW Essentials 4 (Version: 4.0 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2602 - CyberLink Corp.)
CyberLink LabelPrint (Version: 2.5.2602 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1410a - CyberLink Corp.)
CyberLink MediaShow (Version: 5.0.1410a - CyberLink Corp.) Hidden
CyberLink MediaShow Espresso (HKLM\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 5.5.1412_24021 - CyberLink Corp.)
CyberLink MediaShow Espresso (Version: 5.5.1412_24021 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
CyberLink PhotoNow (Version: 1.1.6904 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (Version: 6.1.3602c - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2718 - CyberLink Corp.)
CyberLink PowerDirector (Version: 8.0.2718 - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2925.52 - CyberLink Corp.)
CyberLink PowerDVD 9 (Version: 9.0.2925.52 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (Version: 1.5.1306 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2326 - CyberLink Corp.)
CyberLink PowerProducer (Version: 5.0.2.2326 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2626 - CyberLink Corp.)
CyberLink YouCam (Version: 3.0.2626 - CyberLink Corp.) Hidden
Cyrus (HKLM\...\{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}) (Version: 1.0.0.1 - )
DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Driver Detective (HKLM\...\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}) (Version: 8.0.1 - PC Drivers HeadQuarters)
Driver Whiz (HKLM\...\{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}) (Version: 8.0.1 - Driver Whiz)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version: - DVD Shrink)
DVDVideoSoftTB Toolbar (HKLM\...\DVDVideoSoftTB Toolbar) (Version: 6.8.2.0 - DVDVideoSoftTB)
EVEREST Ultimate Edition v5.50 (HKLM\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
ffdshow [rev 2527] [2008-12-19] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
Free Audio CD Burner version 1.4 (HKLM\...\Free Audio CD Burner_is1) (Version: - DVDVideoSoft Limited.)
Free DVD Video Converter version 2.0.15.1029 (HKLM\...\Free DVD Video Converter_is1) (Version: 2.0.15.1029 - DVDVideoSoft Ltd.)
Free HTML5 Video Player and Converter version 5.0.30.1029 (HKLM\...\Free HTML5 Video Player and Converter_is1) (Version: 5.0.30.1029 - DVDVideoSoft Ltd.)
Free M4a to MP3 Converter 7.1 (HKLM\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Free MP4 Video Converter version 5.0.48.922 (HKLM\...\Free MP4 Video Converter_is1) (Version: 5.0.48.922 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.38.530 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.38.530 - DVDVideoSoft Ltd.)
Freeware.de Toolbar (HKLM\...\Freeware.de Toolbar) (Version: 6.8.2.0 - Freeware.de)
Garmin BaseCamp (HKLM\...\{22613FA5-4D3B-4EE5-8E4A-39EBE649324E}) (Version: 3.3.3 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin MapSource (HKLM\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
Garmin Trip and Waypoint Manager v5 (HKLM\...\{414A373B-59DF-4102-94CA-9FE9A74CBDDA}) (Version: 5.0.0.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
H264 Video Codec (HKLM\...\H264) (Version: - T,DP5)
Haali Media Splitter (HKLM\...\HaaliMkx) (Version: - )
HiJaak® PhoTags (HKLM\...\{C80BF516-777D-4869-A924-F54F9E2DF43E}) (Version: 2.5.24 - IMSI.)
iCMS (HKLM\...\{6BF6FA12-4DA0-4BBD-A91C-81B1A1DDCE74}) (Version: 1.0.4 - iCMS)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2182 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
iTunes (HKLM\...\{F32DC846-4457-40A8-BECA-BCC0E960BC53}) (Version: 11.4.0.18 - Apple Inc.)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Launch Manager (HKLM\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.2 - Wistron Corp.)
Medion Home Cinema (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.1505 - CyberLink Corp.)
Medion Home Cinema (Version: 8.0.1505 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Research AutoCollage 2008 version 1.1 (HKLM\...\{423D8FBE-EC52-40FD-B2A0-8C9C8F973FD7}) (Version: 1.01.2008 - Microsoft Research)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MP3jam 1.1.1.9 (HKLM\...\MP3jam_is1) (Version: 1.1.1.9 - MP3jam)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
Nero 8 (HKLM\...\{BE282C23-5484-47FF-B2C1-EBEA5C891031}) (Version: 8.3.31 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
NVIDIA 3D Vision Treiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5912 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.2702 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA Updatus (Version: 1.0.3 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenOffice.org 3.3 (HKLM\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Opera Stable 24.0.1558.61 (HKLM\...\Opera 24.0.1558.61) (Version: 24.0.1558.61 - Opera Software ASA)
PDF Blender (HKLM\...\PDF Blender) (Version: - )
PDF24 Creator 6.2.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
pdfsam (HKLM\...\pdfsam) (Version: 2.2.1 - )
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6128 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30121 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0148 - REALTEK Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.4.11328 - Skype Technologies S.A.)
Skype™ 6.6 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.6.106 - Skype Technologies S.A.)
SuperPlay (HKLM\...\{DBABA511-7108-4239-8B84-78C67BEA117D}) (Version: 1.0.0 - SuperPlay)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
The Rosetta Stone (HKLM\...\The Rosetta Stone) (Version: - )
WebClient (HKLM\...\WebClient) (Version: - )
Windows Internet Explorer 10 (Version: 10.0 - Microsoft Corporation) Hidden
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Writer (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - )
Windows Media Encoder 9 Series (Version: 9.00.2980 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Hewlett-Packard Image (12/27/2006 8.0.0.0) (HKLM\...\F5E51FDA4F39B4D4F8A1DF9178FCF7947925E0F1) (Version: 12/27/2006 8.0.0.0 - Hewlett-Packard)
WinPcap 4.0.2 (HKLM\...\WinPcapInst) (Version: 4.0.0.1040 - CACE Technologies)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DE}) (Version: 18.0.10661 - WinZip Computing, S.L. )
www.Freeware-download.com Toolbar (HKLM\...\www.Freeware-download.com Toolbar) (Version: 6.2.2.4 - www.Freeware-download.com)
X10 Hardware(TM) (HKLM\...\X10Hardware) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Alfred\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe No File
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll No File
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll No File
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll No File
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll No File
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Alfred\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1001_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Alfred\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1001_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Alfred\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Alfred\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Alfred\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1001_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Alfred\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Alfred\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Alfred\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Alfred\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Alfred\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Alfred\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Alfred\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3347884753-1447943151-867403944-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Alfred\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

23-09-2014 08:14:31 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 09:04 - 2009-06-11 04:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {024733AF-6349-421B-B4A0-88C8860F773A} - System32\Tasks\Opera scheduled Autoupdate 1389104290 => C:\Program Files\Opera\launcher.exe [2014-09-12] (Opera Software)
Task: {03A023D8-427B-4EF4-B2A5-B86FBA7D0F27} - System32\Tasks\{1B60459B-1EB5-4C5A-9202-6C141766798D} => C:\Program Files\DATA BECKER\CD-Druckerei 5\cdd5.exe
Task: {05A2B63C-5DFA-4B99-BDED-5695876A7EB1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-09] (Google Inc.)
Task: {1268456B-A34E-4ED8-917E-6849E124AF55} - System32\Tasks\{B5483975-8860-40D5-9ACB-4BFAE5A28B96} => C:\Program Files\3DataManager\3DataManager.exe [2008-06-13] (WebToGo Mobile Internet GmbH)
Task: {32332AED-D311-4401-940C-DAB82D5859B8} - System32\Tasks\{20EFCEFA-69A5-4CB6-AFFD-0AEB9A32ECAF} => C:\Users\Alfred\Eigene Dateien Alfred\Documents\Alfred Dokumente\Hotel SONNE\Divers\ClueSync.exe [2010-12-31] ()
Task: {3B8D46C6-31FB-4850-ACAB-F4965D6348A7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3347884753-1447943151-867403944-1001Core => C:\Users\Alfred\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-02] (Facebook Inc.)
Task: {3D73AF95-EB32-44D4-A47A-7A9F50D3C9FE} - System32\Tasks\{1243E5D8-293A-48D5-870B-1872566946F8} => C:\Program Files\3DataManager\3DataManager.exe [2008-06-13] (WebToGo Mobile Internet GmbH)
Task: {3DCD4D17-1CE6-4C28-A58F-1C9CDD700E2B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {4B89E2A3-06BF-41C5-91EF-27B051A74855} - System32\Tasks\{26C8E58C-BEA2-4372-83B6-8366D6F2CB5D} => C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe
Task: {51BCA28E-6EDC-43A5-9AF0-87C8518776C5} - System32\Tasks\{2E248677-D8DD-4473-A0B3-57DCBA6B9EC9} => C:\Program Files\3DataManager\3DataManager.exe [2008-06-13] (WebToGo Mobile Internet GmbH)
Task: {55E1415D-1911-4954-92CA-0C43E4E04843} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-09] (Google Inc.)
Task: {6E49B103-5514-4BF3-9E22-74E9BDDA93F9} - System32\Tasks\{2D1745AE-E5F2-45B8-9000-2FC69C40DA1E} => C:\Users\Alfred\Eigene Dateien Alfred\Documents\Alfred Dokumente\Hotel SONNE\Divers\ClueSync.exe [2010-12-31] ()
Task: {7B0C14BA-DA37-4C86-91E0-8F2783A4BC20} - System32\Tasks\{2A28CFAB-E6CB-4465-9E4E-ABE9ADED9F9B} => C:\Program Files\DATA BECKER\DSL Radio-Recorder 2.0\dslrr2.exe
Task: {7FFBA563-7F51-4651-9B73-B384F926824D} - System32\Tasks\{1E0DE0C4-8E43-4849-B00A-9E692BAF160F} => C:\Program Files\Skype\\Phone\Skype.exe [2013-06-21] (Skype Technologies S.A.)
Task: {84ECABE1-6D27-4F35-B24D-A47097653C91} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3347884753-1447943151-867403944-1001UA => C:\Users\Alfred\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-02] (Facebook Inc.)
Task: {8EBD64E7-034C-44E5-9EA5-A9107E256D87} - System32\Tasks\{7C2F8F2D-0F2F-4070-B5C8-1E3587778465} => C:\Program Files\DATA BECKER\CD-Druckerei 5\cdd5.exe
Task: {9E6E4A5D-CA04-4769-A834-13A676C2A1C9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {A04CA51A-371C-45BD-A591-0BD30C59CB82} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2014-07-10] (AVAST Software)
Task: {A8DCAAA9-C3C9-49C6-8C87-ABCEA67BAD86} - System32\Tasks\{3C6D9970-FA9A-4BA6-850C-BE01739CB678} => C:\Users\Alfred\Eigene Dateien Alfred\Documents\Alfred Dokumente\Hotel SONNE\Divers\ClueSync.exe [2010-12-31] ()
Task: {B727A09C-4347-48EC-A06A-BFB25921AE48} - System32\Tasks\{C5F9414D-5932-4580-BEB0-5C30692D63D8} => C:\Program Files\HiJaak PhoTags\Photags.exe [2003-11-20] ()
Task: {C8D5B2CE-64ED-492F-9C93-65A487F06717} - System32\Tasks\{D2C37CF7-85FC-48C3-8C56-5A7851D48F6A} => C:\Users\Alfred\Eigene Dateien Alfred\Documents\Alfred Dokumente\Hotel SONNE\Divers\ClueSync.exe [2010-12-31] ()
Task: {CBA114F9-CE17-466D-865B-466A52A30B33} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D5E43B12-EC4E-47AE-86EC-B7E1F0628395} - System32\Tasks\{778098B0-D774-47A2-BFCA-02A59D9EBD53} => C:\Program Files\3DataManager\3DataManager.exe [2008-06-13] (WebToGo Mobile Internet GmbH)
Task: {DD682428-C473-4EA8-83E3-B712ED9B861E} - System32\Tasks\{963DD8F5-CF08-4943-8F63-7207D0F920A6} => C:\Program Files\3DataManager\3DataManager.exe [2008-06-13] (WebToGo Mobile Internet GmbH)
Task: {E198B76B-7033-456A-8363-2DC7298503AD} - System32\Tasks\{CD8D5C39-5D73-4876-B144-EAFF1BD33FA2} => C:\Users\Alfred\Eigene Dateien Alfred\Documents\Alfred Dokumente\Hotel SONNE\Divers\ClueSync.exe [2010-12-31] ()
Task: {E789FB9E-2D62-4724-94F0-93E659E5A5ED} - System32\Tasks\{E6778CA5-5858-4BFD-976E-4E90F5DABA66} => C:\Program Files\DATA BECKER\CD-Druckerei 5\cdd5.exe
Task: {EB3A1CC3-62E6-41C7-AB56-1014FDBB79D1} - System32\Tasks\{D110E03A-DEFD-42E5-8E6E-D5E59255B5C4} => C:\Program Files\DATA BECKER\CD-Druckerei 5\cdd5.exe
Task: {EF3DFE40-E69D-46A4-8D1A-8775EA636466} - System32\Tasks\WinMaximizer-Alfred-Startup => C:\Program Files\WinMaximizer\WinMaximizer.exe
Task: {F188BF71-8C9A-4DC8-958D-7D5FFB3BC19D} - System32\Tasks\{51276E92-74E9-4AA0-BE8A-922FB198C613} => C:\Program Files\DATA BECKER\CD-Druckerei 5\cdd5.exe
Task: {F57957DB-BCE6-4F5A-B7F4-E499B7DE3B56} - System32\Tasks\{E90496A1-8D06-431E-B2E9-C1C5131C8672} => C:\Program Files\3DataManager\3DataManager.exe [2008-06-13] (WebToGo Mobile Internet GmbH)
Task: {FFDF30F4-753A-485B-A2E1-261CDCAF460F} - System32\Tasks\{CB79EFD9-13E7-4878-A666-5446756011BE} => C:\Users\Alfred\Eigene Dateien Alfred\Documents\Alfred Dokumente\Hotel SONNE\Divers\ClueSync.exe [2010-12-31] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3347884753-1447943151-867403944-1001Core.job => C:\Users\Alfred\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3347884753-1447943151-867403944-1001UA.job => C:\Users\Alfred\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\WinMaximizer-Alfred-Startup.job => C:\Program Files\WinMaximizer\WinMaximizer.exe

==================== Loaded Modules (whitelisted) =============

2014-07-10 07:30 - 2014-07-10 07:30 - 00301152 ____N () C:\Program Files\Alwil Software\Avast5\aswProperty.dll
2014-09-23 18:20 - 2014-09-23 18:20 - 02865152 _____ () C:\Program Files\Alwil Software\Avast5\defs\14092300\algo.dll
2014-09-24 11:18 - 2014-09-24 11:18 - 02865152 _____ () C:\Program Files\Alwil Software\Avast5\defs\14092301\algo.dll
2014-09-24 21:36 - 2014-09-24 21:36 - 02866688 _____ () C:\Program Files\Alwil Software\Avast5\defs\14092400\algo.dll
2013-12-25 23:41 - 2013-08-30 06:08 - 00088864 ____N () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 ____N () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 ____N () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-04 16:35 - 2013-05-15 01:50 - 00140936 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2010-08-09 19:14 - 2010-02-12 21:20 - 00244904 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2011-11-14 22:46 - 2009-11-07 00:52 - 00312784 ____N () C:\Program Files\3DataManager\WTGService.exe
2009-11-03 04:20 - 2009-11-03 04:20 - 00619816 ____N () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-03 04:23 - 2009-11-03 04:23 - 00013096 ____N () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
2012-04-16 20:59 - 2010-11-24 19:39 - 00129872 ____N () C:\Program Files\Cyrus\AutoDect.exe
2014-07-10 07:30 - 2014-07-10 07:30 - 19329904 ____N () C:\Program Files\Alwil Software\Avast5\libcef.dll
2011-09-01 01:13 - 2011-09-01 01:13 - 00094208 ____N () C:\Windows\System32\IccLibDll.dll
2014-09-23 21:21 - 2014-09-23 21:21 - 00043008 _____ () c:\users\alfred\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpw9nfov.dll
2013-08-24 02:01 - 2013-08-24 02:01 - 25100288 _____ () C:\Users\Alfred\AppData\Roaming\Dropbox\bin\libcef.dll
2014-09-11 03:38 - 2014-09-11 03:38 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\03d9e855a8969bf00dd1bfeafa5d055e\IsdiInterop.ni.dll
2010-08-09 19:36 - 2010-03-04 10:08 - 00058880 ____N () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-09-18 21:15 - 2014-09-18 21:14 - 01372280 _____ () C:\Program Files\Opera\24.0.1558.61\opera_crashreporter.exe
2014-09-18 21:15 - 2014-09-18 21:14 - 01378936 _____ () C:\Program Files\Opera\24.0.1558.61\libglesv2.dll
2014-09-18 21:15 - 2014-09-18 21:14 - 00182392 _____ () C:\Program Files\Opera\24.0.1558.61\libegl.dll
2014-09-18 21:15 - 2014-09-18 21:14 - 00974968 _____ () C:\Program Files\Opera\24.0.1558.61\ffmpegsumo.dll
2014-09-10 21:45 - 2014-09-10 21:45 - 16825520 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:8CE646EE

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/24/2014 03:15:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3104

Error: (09/24/2014 03:15:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3104

Error: (09/24/2014 03:15:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/24/2014 03:15:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2090

Error: (09/24/2014 03:15:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2090

Error: (09/24/2014 03:15:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/24/2014 03:15:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1029

Error: (09/24/2014 03:15:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1029

Error: (09/24/2014 03:15:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/24/2014 10:16:21 AM) (Source: Google Update) (EventID: 20) (User: Alfred-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7


System errors:
=============
Error: (09/23/2014 09:19:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
tcpipBM

Error: (09/23/2014 03:21:03 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{91734A2F-C336-4BE9-8362-AA7479B0E354}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (09/23/2014 03:04:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
tcpipBM

Error: (09/23/2014 03:03:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎18.‎09.‎2014 um 21:42:35 unerwartet heruntergefahren.

Error: (09/11/2014 08:26:31 PM) (Source: iviVD) (EventID: 117) (User: )
Description: Der Treiber für Gerät "\Device\Scsi\iviVD1" hat eine Portzeitüberschreitung aufgrund längerer mangelnder Aktivität ermittelt. Alle assoziierten Busse werden zurückgesetzt, um den Fehler zu beheben.

Error: (09/11/2014 08:04:55 AM) (Source: iviVD) (EventID: 117) (User: )
Description: Der Treiber für Gerät "\Device\Scsi\iviVD1" hat eine Portzeitüberschreitung aufgrund längerer mangelnder Aktivität ermittelt. Alle assoziierten Busse werden zurückgesetzt, um den Fehler zu beheben.

Error: (09/11/2014 03:31:50 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
tcpipBM

Error: (09/11/2014 03:07:29 AM) (Source: iviVD) (EventID: 117) (User: )
Description: Der Treiber für Gerät "\Device\Scsi\iviVD1" hat eine Portzeitüberschreitung aufgrund längerer mangelnder Aktivität ermittelt. Alle assoziierten Busse werden zurückgesetzt, um den Fehler zu beheben.

Error: (09/09/2014 09:23:10 PM) (Source: iviVD) (EventID: 117) (User: )
Description: Der Treiber für Gerät "\Device\Scsi\iviVD1" hat eine Portzeitüberschreitung aufgrund längerer mangelnder Aktivität ermittelt. Alle assoziierten Busse werden zurückgesetzt, um den Fehler zu beheben.

Error: (09/08/2014 06:52:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Virtueller Datenträger" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (09/24/2014 03:15:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3104

Error: (09/24/2014 03:15:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3104

Error: (09/24/2014 03:15:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/24/2014 03:15:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2090

Error: (09/24/2014 03:15:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2090

Error: (09/24/2014 03:15:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/24/2014 03:15:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1029

Error: (09/24/2014 03:15:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1029

Error: (09/24/2014 03:15:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/24/2014 10:16:21 AM) (Source: Google Update) (EventID: 20) (User: Alfred-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
Percentage of memory in use: 50%
Total physical RAM: 3253.42 MB
Available physical RAM: 1614.21 MB
Total Pagefile: 6505.13 MB
Available Pagefile: 4336.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1926.06 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:565.07 GB) (Free:68.31 GB) NTFS
Drive d: (Recover) (Fixed) (Total:30 GB) (Free:9.58 GB) NTFS
Drive h: (TRANSCEND) (Removable) (Total:3.76 GB) (Free:2.42 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=565.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 3.8 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.8 GB) - (Type=0B)

==================== End Of Log ============================


Many thanks and best regards
Alfred


25.09.2014, 08:51   #6
schrauber
/// the machine
/// TB trainer
 



hi,

Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.
