Virus auf dem Pc? Anfängliches Ruckeln wird zu Einfrieren des Pcs und sehr langsamer Geschwindigkeit!

maxwell0901 · 22.09.2014, 16:55

Hallo liebes Forum,
Ich wende mich an euch, weil ich nicht so richtig weiß, was mit meinem Pc los ist. Meine Vermutung ist ein Virus. Es fing vor ca 10 Tagen an, als der Pc aus dem nichts ruckelt und plötzlich inkl Ton und Bild einfror. Das muss nicht bei aufwendigen Anwendungen sein, sondern kann auch sein, wenn ich einfach nur im Hintergrund Musik höre und gar nichts aktiv mache. Manchmal, nicht immer, dreht sich die Lüftung des Pc wenn er sich aufhängt extrem schnell und wird laut. Einmal aufgehängt, lässt sich nichts mehr machen, auch nach einer Stunde Wartezeit nicht, da hilft nur über den Neustart-Knopf neu starten. Anfangs trat es nicht häufig auf aber mittlerweile hängt der Pc so extrem, dass Arbeiten, geschweige denn Surfen oder Synchronisieren des Ipod mit ITunes fast nicht mehr möglich ist. Die Maus steht minutenlang auf einem Fleck bevor sie sich ein Stück weiterbewegt, selbst ein einfaches Lied abzuspielen wird zur Qual. Zu guter Letzt lässt sich noch zu den Symptomen sagen,dass er sehr lange zum Hochfahren braucht und mein Bitdefender Internet Security 2015 sagt, dass es immer wenn ich im Internet bin eine Seite namens domres.us blockiert hat, die ich aber nie aufgerufen habe. Es gibt auch Tage an denen mal für 15/20 min nichts, gar nichts, hängt. Dies kommt aber eher selten vor mittlerweile. Achso, und mein Arbeitsspeicher ist im Leerlauf(!) bereits zu 50% ausgelastet, was ebenfalls ziemlich ungewöhnlich ist!
Hier meine Daten des Pcs:
AMD Phenom II X4 955 (3,2GHZ)
4 Gb Ram
Windows 7 Professional 64 Bit
Nvidia Geforce Gtx 460

Ich bin eigentlich kein unerfahrener Nutzer und löse meine Probleme meistens selbst, aber hier bin ich mit meinem Latein am Ende.
Habe gestern Bitdefender einen vollständigen Systemscan durchführen lassen, dieser hat aber nichts gefunden.
Ich bin momentan etwas verunsichert ,weil ich auch grade Sachen wie Online-Banking über diesen PC betreibe und jetzt Angst habe, dass mit meinem Konto "Unfug" betrieben wird.
Hatte überlegt das System komplett neu aufzusetzen, das ist aber auf Grund der viele Daten und vor allem der Spiele, die ich teilweise umprogrammiert habe , ein riesen Aufwand,den ich mir eigentlich hoffe ersparen zu können!
Über Hilfe jeglicher Art freue ich mich!
LG
Max

schrauber · 22.09.2014, 18:28

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

maxwell0901 · 22.09.2014, 18:55

Hallo, vielen Dank für die schnelle Antwort. Anbei FRST.txt und Addition.txt.

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01
Ran by Maxi (administrator) on MAXI-PC on 22-09-2014 19:49:25
Running from C:\Users\Maxi\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
( ) C:\Windows\System32\lxbkcoms.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmon.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Maxi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
() C:\Users\Maxi\AppData\Local\Amazon Music\Amazon Music Helper.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwtxapps.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\obkagent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [lxbkbmgr.exe] => C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe [74408 2008-02-28] (Lexmark International, Inc.)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1580360 2014-08-20] (Bitdefender)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2439072 2010-05-24] (VIA)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-02-07] (BlackBerry Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4493824 2014-05-07] (Research In Motion Limited)
HKU\S-1-5-21-3194724861-4292890466-1671743591-1000\...\Run: [Spotify Web Helper] => C:\Users\Maxi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-28] (Spotify Ltd)
HKU\S-1-5-21-3194724861-4292890466-1671743591-1000\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [815088 2014-08-14] (Bitdefender)
HKU\S-1-5-21-3194724861-4292890466-1671743591-1000\...\Run: [Amazon Music] => C:\Users\Maxi\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-06] ()
HKU\S-1-5-21-3194724861-4292890466-1671743591-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3194724861-4292890466-1671743591-1000\...\MountPoints2: {2e736578-e4a8-11e3-b0e3-14dae96b5c19} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\start.exe
HKU\S-1-5-21-3194724861-4292890466-1671743591-1000\...\MountPoints2: {49d1f69a-d6c5-11e0-b2f4-14dae96b5c19} - H:\AutoRun.exe
HKU\S-1-5-21-3194724861-4292890466-1671743591-1000\...\MountPoints2: {7304290e-7b88-11e3-add3-14dae96b5c19} - F:\laucher.exe
HKU\S-1-5-21-3194724861-4292890466-1671743591-1000\...\MountPoints2: {e51f3ef0-52e7-11e3-93cb-14dae96b5c19} - G:\setup.exe -a
IFEO\blackberrylink.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - (No Name) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - No File
URLSearchHook: HKCU - (No Name) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=vtt&from=vtt&uid=395049983_1052483_98108D73&ts=1373467742
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=vtt&from=vtt&uid=395049983_1052483_98108D73&ts=1373467742
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=vtt&from=vtt&uid=395049983_1052483_98108D73&ts=1373467742
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=vtt&from=vtt&uid=395049983_1052483_98108D73&ts=1373467742
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=vtt&from=vtt&uid=395049983_1052483_98108D73&ts=1373467742
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=981014DAE96B5C19&affID=122920&tsp=4951
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=981014DAE96B5C19&affID=122920&tsp=4951
SearchScopes: HKCU - {116C6F52-A7E4-4ECB-9AFA-5F063E52C0BB} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=vtt&from=vtt&uid=395049983_1052483_98108D73&ts=1373467742
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: IEButton Class -> {F81D52BF-F2F1-4F49-BF5F-05664E803039} -> C:\Program Files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (UnH Solutions)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - No Name - {40c3cc16-7269-4b32-9531-17f2950fb06f} -  No File
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Maxi\AppData\Roaming\Mozilla\Firefox\Profiles\2gs3k6tl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.4.1 -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Maxi\AppData\Roaming\Mozilla\Firefox\Profiles\2gs3k6tl.default\Extensions\abs@avira.com [2014-09-15]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2014-09-17]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2014-09-17]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext

Chrome: 
=======
CHR Profile: C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-11]
CHR Extension: (Google Drive) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-11]
CHR Extension: (YouTube) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-11]
CHR Extension: (Google-Suche) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-11]
CHR Extension: (BB10 / PlayBook App Manager) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbaalodpmjjhpobkgljnelbpblnikkp [2014-05-26]
CHR Extension: (Google Wallet) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Google Mail) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-11]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Maxi\AppData\Roaming\DVDVideoSoft\DVDVideoSoftBrowserExtension.crx [2012-11-30]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [77632 2014-08-08] (Bitdefender)
S4 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited) [File not signed]
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [496232 2010-01-21] ()
S3 GSService; C:\Windows\SysWOW64\GSService.exe [490208 2013-06-17] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 lxbk_device; C:\Windows\system32\lxbkcoms.exe [565928 2008-02-19] ( )
R2 lxbk_device; C:\Windows\SysWOW64\lxbkcoms.exe [537256 2008-02-19] ( )
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [209000 2010-01-21] ()
S4 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-05-07] (Apple Inc.) [File not signed]
S4 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1324544 2014-05-07] (Research In Motion Limited) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-08-08] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1513952 2014-08-11] (Bitdefender)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1260120 2014-05-16] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-05-16] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-11-13] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
S3 DrmRAudio; C:\Windows\System32\drivers\DrmRAudio.sys [34528 2013-03-28] (Windows (R) Win 7 DDK provider)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-05-07] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 SaiH0C2D; C:\Windows\System32\DRIVERS\SaiH0C2D.sys [176128 2007-07-02] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [419616 2014-07-02] (BitDefender S.R.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-06-23] (TuneUp Software)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 WmaCAudio; C:\Windows\System32\drivers\WmaCAudio.sys [34528 2013-06-17] (Windows (R) Win 7 DDK provider)
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 19:49 - 2014-09-22 19:49 - 00017963 _____ () C:\Users\Maxi\Desktop\FRST.txt
2014-09-22 19:47 - 2014-09-22 19:49 - 00000000 ____D () C:\FRST
2014-09-22 19:47 - 2014-09-22 19:48 - 00018221 _____ () C:\Users\Maxi\Downloads\FRST.txt
2014-09-22 19:47 - 2014-09-22 19:47 - 02105856 _____ (Farbar) C:\Users\Maxi\Desktop\FRST64.exe
2014-09-21 13:46 - 2014-09-21 13:47 - 01307544 _____ () C:\Windows\Minidump\092114-18267-01.dmp
2014-09-21 12:47 - 2014-09-21 12:47 - 00001122 _____ () C:\Users\Maxi\Desktop\Amazon Music.lnk
2014-09-21 12:45 - 2014-09-21 12:46 - 39967720 _____ (Amazon) C:\Users\Maxi\Downloads\AmazonMusicInstaller.exe
2014-09-20 11:00 - 2014-09-20 11:00 - 00262144 ____N () C:\Windows\Minidump\092014-41839-01.dmp
2014-09-20 10:49 - 2014-09-20 10:49 - 00001536 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-09-20 10:49 - 2014-09-20 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-20 10:48 - 2014-09-20 10:49 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-20 10:46 - 2014-09-20 10:46 - 30419936 _____ (DVDVideoSoft Ltd. ) C:\Users\Maxi\Downloads\FreeYouTubeToMP3Converter3.12.44.908.exe
2014-09-20 10:45 - 2014-09-20 10:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-17 16:31 - 2014-09-17 16:31 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-09-17 16:31 - 2014-09-17 16:31 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-09-17 16:02 - 2014-09-17 16:02 - 00730742 _____ () C:\ProgramData\1410961909.bdinstall.bin
2014-09-17 16:01 - 2014-09-17 16:01 - 00002126 _____ () C:\Users\Public\Desktop\Bitdefender Internet Security 2015.lnk
2014-09-17 16:01 - 2014-09-17 16:01 - 00000684 ____H () C:\bdr-cf01
2014-09-17 16:01 - 2014-09-17 16:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2014-09-17 16:00 - 2014-05-16 13:04 - 00647752 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-09-17 16:00 - 2014-05-16 13:01 - 01260120 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-09-17 16:00 - 2013-11-13 15:41 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2014-09-17 16:00 - 2013-11-04 15:47 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2014-09-17 15:55 - 2014-09-17 16:07 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\Bitdefender
2014-09-17 15:55 - 2014-09-17 16:01 - 00253404 ____H () C:\bdr-ld01
2014-09-17 15:55 - 2014-09-17 16:01 - 00009216 ____H () C:\bdr-ld01.mbr
2014-09-17 15:55 - 2014-07-04 17:49 - 49563064 ____H () C:\bdr-im01.gz
2014-09-17 15:55 - 2013-08-13 13:38 - 03271472 ____H () C:\bdr-bz01
2014-09-17 15:52 - 2014-07-02 17:47 - 00419616 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-09-17 15:52 - 2013-08-23 13:48 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-09-16 17:23 - 2013-11-04 15:47 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2014-09-16 17:14 - 2014-09-17 15:52 - 00000000 ____D () C:\Program Files\Bitdefender
2014-09-16 17:13 - 2014-09-17 16:01 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-09-16 17:13 - 2013-11-04 15:47 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2014-09-16 17:13 - 2013-11-04 15:46 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2014-09-15 18:11 - 2014-09-15 18:11 - 00262144 ____N () C:\Windows\Minidump\091514-25443-01.dmp
2014-09-15 16:51 - 2014-09-17 16:17 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-15 16:39 - 2014-09-15 16:43 - 149527616 _____ () C:\Users\Maxi\Downloads\avira_free_antivirus_de_14.0.6.570.exe
2014-09-14 14:30 - 2014-09-14 14:30 - 00000052 _____ () C:\Users\Maxi\Desktop\z .txt
2014-09-14 13:53 - 2014-09-14 13:53 - 00915646 _____ () C:\Users\Maxi\Downloads\Anschreibe
2014-09-12 22:09 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-12 22:09 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-12 22:09 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-12 22:09 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-12 22:09 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-12 22:09 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-12 22:09 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-12 22:09 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-12 22:09 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 22:09 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-12 22:09 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-12 22:09 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-12 22:08 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-12 22:08 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-12 22:08 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-12 22:08 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-12 22:08 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-12 22:08 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-12 22:08 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-12 22:08 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-12 22:08 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-12 22:08 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-12 22:08 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-12 22:08 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-12 22:08 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-12 22:08 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-12 22:08 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-12 22:08 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-12 22:08 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-12 22:08 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-12 22:08 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-12 22:08 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-12 22:08 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-12 22:08 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-12 22:08 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-12 22:08 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-12 22:08 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-12 22:08 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-12 22:08 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-12 22:08 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-12 22:08 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-12 22:08 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 22:08 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-12 22:08 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-12 22:08 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-12 22:08 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-12 22:08 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-12 22:08 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-12 22:08 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-12 22:08 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-12 22:08 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-12 22:08 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-12 22:08 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-12 22:08 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-12 22:08 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-12 22:08 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-12 21:59 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-12 21:59 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-12 15:19 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-12 15:19 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-12 15:18 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-12 15:18 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-12 15:18 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-12 15:18 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-12 15:18 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-12 15:18 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-12 15:18 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-12 15:18 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-12 15:18 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-08-29 17:05 - 2014-09-21 13:46 - 402282750 _____ () C:\Windows\MEMORY.DMP
2014-08-29 17:05 - 2014-08-29 17:05 - 00786120 _____ () C:\Windows\Minidump\082914-30139-01.dmp
2014-08-28 19:12 - 2014-09-20 11:00 - 00164130 _____ () C:\Windows\PFRO.log
2014-08-28 10:17 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 10:17 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 10:17 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-23 22:17 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-23 22:17 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-23 22:17 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-23 22:17 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-23 22:17 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-23 22:17 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-23 22:17 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-23 22:17 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-23 11:21 - 2014-08-23 11:21 - 00262144 ____N () C:\Windows\Minidump\082314-25350-01.dmp
2014-08-23 11:11 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-23 11:11 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-23 11:10 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-23 11:10 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-23 11:10 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-23 11:10 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-23 11:10 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-23 11:10 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-23 11:10 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-23 11:10 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-23 11:09 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-23 11:09 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-23 11:08 - 2014-08-23 11:08 - 07702208 _____ () C:\Users\Maxi\Downloads\Maroon_5_-_Maps-WEB-2014-MTZ.rar
2014-08-23 11:04 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-23 11:04 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-23 11:03 - 2014-08-23 11:03 - 50235552 _____ () C:\Users\Maxi\Downloads\25677_shprd.rar.part
2014-08-23 10:49 - 2014-08-23 11:03 - 529958512 _____ () C:\Users\Maxi\Downloads\New Eyes (Deluxe Version).rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 19:49 - 2014-09-22 19:49 - 00017963 _____ () C:\Users\Maxi\Desktop\FRST.txt
2014-09-22 19:49 - 2014-09-22 19:47 - 00000000 ____D () C:\FRST
2014-09-22 19:49 - 2011-09-03 14:12 - 01141755 _____ () C:\Windows\WindowsUpdate.log
2014-09-22 19:48 - 2014-09-22 19:47 - 00018221 _____ () C:\Users\Maxi\Downloads\FRST.txt
2014-09-22 19:47 - 2014-09-22 19:47 - 02105856 _____ (Farbar) C:\Users\Maxi\Desktop\FRST64.exe
2014-09-22 19:45 - 2013-07-10 17:03 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-22 19:45 - 2013-02-19 22:17 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce0ede2304e130.job
2014-09-22 17:54 - 2009-07-14 06:45 - 00030560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-22 17:54 - 2009-07-14 06:45 - 00030560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-22 17:48 - 2011-09-04 00:08 - 00699490 _____ () C:\Windows\system32\perfh007.dat
2014-09-22 17:48 - 2011-09-04 00:08 - 00149630 _____ () C:\Windows\system32\perfc007.dat
2014-09-22 17:48 - 2009-07-14 07:13 - 01620932 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-22 17:47 - 2011-11-27 18:55 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-22 17:46 - 2014-07-27 16:58 - 00003432 _____ () C:\Windows\setupact.log
2014-09-22 17:46 - 2011-11-08 21:53 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-22 17:46 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-21 13:47 - 2014-09-21 13:46 - 01307544 _____ () C:\Windows\Minidump\092114-18267-01.dmp
2014-09-21 13:46 - 2014-08-29 17:05 - 402282750 _____ () C:\Windows\MEMORY.DMP
2014-09-21 13:46 - 2014-07-27 17:09 - 00000000 ____D () C:\Windows\Minidump
2014-09-21 12:47 - 2014-09-21 12:47 - 00001122 _____ () C:\Users\Maxi\Desktop\Amazon Music.lnk
2014-09-21 12:46 - 2014-09-21 12:45 - 39967720 _____ (Amazon) C:\Users\Maxi\Downloads\AmazonMusicInstaller.exe
2014-09-21 11:54 - 2014-08-08 10:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-20 11:00 - 2014-09-20 11:00 - 00262144 ____N () C:\Windows\Minidump\092014-41839-01.dmp
2014-09-20 11:00 - 2014-08-28 19:12 - 00164130 _____ () C:\Windows\PFRO.log
2014-09-20 10:49 - 2014-09-20 10:49 - 00001536 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-09-20 10:49 - 2014-09-20 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-20 10:49 - 2014-09-20 10:48 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-20 10:49 - 2011-09-29 22:04 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\DVDVideoSoft
2014-09-20 10:48 - 2011-09-29 22:04 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\DVDVideoSoftIEHelpers
2014-09-20 10:46 - 2014-09-20 10:46 - 30419936 _____ (DVDVideoSoft Ltd. ) C:\Users\Maxi\Downloads\FreeYouTubeToMP3Converter3.12.44.908.exe
2014-09-20 10:46 - 2014-09-20 10:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-17 18:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-17 16:31 - 2014-09-17 16:31 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-09-17 16:31 - 2014-09-17 16:31 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-09-17 16:17 - 2014-09-15 16:51 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-17 16:17 - 2012-02-13 16:43 - 00000000 ____D () C:\ProgramData\Avira
2014-09-17 16:07 - 2014-09-17 15:55 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\Bitdefender
2014-09-17 16:02 - 2014-09-17 16:02 - 00730742 _____ () C:\ProgramData\1410961909.bdinstall.bin
2014-09-17 16:01 - 2014-09-17 16:01 - 00002126 _____ () C:\Users\Public\Desktop\Bitdefender Internet Security 2015.lnk
2014-09-17 16:01 - 2014-09-17 16:01 - 00000684 ____H () C:\bdr-cf01
2014-09-17 16:01 - 2014-09-17 16:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2014-09-17 16:01 - 2014-09-17 15:55 - 00253404 ____H () C:\bdr-ld01
2014-09-17 16:01 - 2014-09-17 15:55 - 00009216 ____H () C:\bdr-ld01.mbr
2014-09-17 16:01 - 2014-09-16 17:13 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-09-17 15:52 - 2014-09-16 17:14 - 00000000 ____D () C:\Program Files\Bitdefender
2014-09-17 15:52 - 2013-09-15 15:07 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-09-15 21:13 - 2012-08-17 09:45 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\Spotify
2014-09-15 21:05 - 2012-08-17 09:45 - 00000000 ____D () C:\Users\Maxi\AppData\Local\Spotify
2014-09-15 18:11 - 2014-09-15 18:11 - 00262144 ____N () C:\Windows\Minidump\091514-25443-01.dmp
2014-09-15 16:43 - 2014-09-15 16:39 - 149527616 _____ () C:\Users\Maxi\Downloads\avira_free_antivirus_de_14.0.6.570.exe
2014-09-14 14:30 - 2014-09-14 14:30 - 00000052 _____ () C:\Users\Maxi\Desktop\z .txt
2014-09-14 13:53 - 2014-09-14 13:53 - 00915646 _____ () C:\Users\Maxi\Downloads\Anschreibe
2014-09-14 12:15 - 2013-09-16 17:41 - 00000401 _____ () C:\Windows\system32\checkdnsid.xml
2014-09-12 22:07 - 2012-01-18 18:09 - 01594276 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-12 22:06 - 2013-08-15 22:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-12 22:00 - 2012-01-21 10:48 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-12 21:59 - 2014-05-06 22:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-12 16:18 - 2013-07-10 17:03 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-12 16:18 - 2012-05-16 22:03 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-12 16:18 - 2011-09-03 17:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-05 04:10 - 2014-09-12 15:18 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-12 15:18 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-29 17:05 - 2014-08-29 17:05 - 00786120 _____ () C:\Windows\Minidump\082914-30139-01.dmp
2014-08-29 15:51 - 2011-10-28 14:41 - 00000000 ____D () C:\Users\Maxi\Documents\Flight Simulator X-Dateien
2014-08-28 19:32 - 2012-07-01 12:22 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\vlc
2014-08-28 19:13 - 2014-07-27 16:58 - 00342528 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-24 09:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-23 11:35 - 2013-11-10 18:07 - 00001956 _____ () C:\Users\Maxi\Desktop\FS Global Real Weather.lnk
2014-08-23 11:35 - 2013-11-10 18:07 - 00000000 ____D () C:\Program Files (x86)\FSGRW
2014-08-23 11:21 - 2014-08-23 11:21 - 00262144 ____N () C:\Windows\Minidump\082314-25350-01.dmp
2014-08-23 11:08 - 2014-08-23 11:08 - 07702208 _____ () C:\Users\Maxi\Downloads\Maroon_5_-_Maps-WEB-2014-MTZ.rar
2014-08-23 11:07 - 2011-09-04 14:50 - 00000000 ____D () C:\Users\Maxi\AppData\Local\CrashDumps
2014-08-23 11:03 - 2014-08-23 11:03 - 50235552 _____ () C:\Users\Maxi\Downloads\25677_shprd.rar.part
2014-08-23 11:03 - 2014-08-23 10:49 - 529958512 _____ () C:\Users\Maxi\Downloads\New Eyes (Deluxe Version).rar
2014-08-23 04:07 - 2014-08-28 10:17 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 10:17 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 10:17 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

Some content of TEMP:
====================
C:\Users\Maxi\AppData\Local\Temp\avgnt.exe
C:\Users\Maxi\AppData\Local\Temp\rtdrvmon.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-17 18:18

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2014 01
Ran by Maxi at 2014-09-22 19:50:24
Running from C:\Users\Maxi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
AI Traffic-Editor X (HKLM-x32\...\{9BD1769C-91BD-47A1-8DD2-77F3FED2217D}) (Version: 1.0.0 - medianetz)
AI-Aircraft Editor Version 2.0.0.8 (HKLM-x32\...\AIAircraftEditor_is1) (Version: 2.0.0.8 - Martin Gossmann)
Amazon Music (HKCU\...\Amazon Amazon Music) (Version: 3.4.0.628 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bitdefender Internet Security 2015 (HKLM\...\Bitdefender) (Version: 18.14.0.1088 - Bitdefender)
BlackBerry Link (HKLM-x32\...\BlackBerry_10_Desktop) (Version: 1.2.3.48 - BlackBerry Ltd.)
BlackBerry Link (x32 Version: 1.2.3.48 - BlackBerry Ltd.) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DDPB (HKLM-x32\...\{748590DB-44CD-48D2-8585-2496BBFE919F}) (Version: 1.0.9 - DauDen.vn)
Dojotech Spotify Recorder (HKLM-x32\...\{D149DB2E-392E-48CC-8036-88BECC09C50A}) (Version: 3.2 - Dojotech Software)
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.02.01 - )
Flash Saving Plugin (HKLM-x32\...\Flash Saving Plugin) (Version:  - )
Free YouTube to MP3 Converter version 3.12.44.908 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.908 - DVDVideoSoft Ltd.)
FS Cabin Crew (HKLM-x32\...\{522D9652-EA10-455F-B8C5-31D82763D463}) (Version: 1.00.0000 - drubware.net)
FS Cabin Crew German Edition (HKLM-x32\...\{4AC856F9-4ED3-4C78-B5DF-2E12FF441453}) (Version: 1.00.0000 - drubware.net)
FSFDT FSCopilot (HKLM-x32\...\FSFDT FSCopilot) (Version:  - )
FSFDT FSInn (HKLM-x32\...\FSFDT FSInn) (Version:  - )
FSX FSND MD 83 version 2 (HKLM-x32\...\FSX FSND MD 83 version 2) (Version:  - )
GIMP 2.6.8 (HKLM\...\WinGimp-2.0_is1) (Version:  - )
G'MIC for GIMP Version 1.5.6.1 (HKLM-x32\...\G'MIC for GIMP_is1) (Version: 1.5.6.1 - )
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0011.131 - Rockstar Games Inc.) Hidden
HAMA Joystick Outlandish (HKLM-x32\...\HAMA Joystick Outlandish) (Version:  - )
ICE AI Traffic Para FSX (4.00) (HKLM-x32\...\{CEC7AAF5-9C08-4F26-A5BB-60DF6B01E30E}) (Version: 4.00 - ICE AI Traffic Group)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 10 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217010FF}) (Version: 7.0.100 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 27 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416027FF}) (Version: 6.0.270 - Oracle)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Lexmark X1100 Series (HKLM\...\Lexmark X1100 Series) (Version:  - Lexmark International, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Flight (x32 Version: 1.0.0005.129 - Microsoft Studios) Hidden
Microsoft Flight Simulator X (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X Service Pack 2 (HKLM-x32\...\{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}) (Version: 10.0.61472.0 - Microsoft Game Studios)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Mozilla Firefox 32.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.2 (x86 de)) (Version: 32.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver (x32 Version: 280.19 - NVIDIA Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7325.0 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
ODF Add-In für Microsoft Office (HKLM-x32\...\{2BC21CD2-8053-406A-80F6-9AB61717B49D}) (Version: 4.0.5309.0 - OpenXML/ODF Translator Team)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM-x32\...\{09959E11-AD5D-408E-96AF-E3346954D6B8}) (Version: 1.0.0 - Microsoft)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM-x32\...\{64F3B15C-24C7-4B2B-9B72-65CCBBD7F06B}) (Version: 1.0.0 - Microsoft)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz)
Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
Sun ODF Plugin for Microsoft Office 3.2 (HKLM-x32\...\{BD136CE7-6666-4273-A056-8D92F8625AAB}) (Version: 3.2.9483 - Sun Microsystems)
SuperTrafficBoard for FSX (HKLM-x32\...\{97AC9531-F8A7-492B-AE4C-821683AF5712}) (Version: 3.2.0044 - Flying-W Simulation )
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
Thrustmaster Calibration Tool (HKLM-x32\...\{44B660BB-EAC5-4D4F-9890-C607DD5F7630}) (Version: 1.03.0000 - Thrustmaster)
Thrustmaster Force Feedback Driver (HKLM-x32\...\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}) (Version: 1.FFD.2009 - Thrustmaster)
TubeMaster++ 2.7 (HKLM-x32\...\TubeMaster++) (Version: 2.7 - GgSofts)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
War Thunder Launcher 1.0.1.269 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - 2013 Gaijin Entertainment Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Winload Toolbar (HKLM-x32\...\Winload Toolbar) (Version: 6.8.5.1 - Winload)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

23-08-2014 20:16:20 Windows Update
28-08-2014 12:47:03 Windows Update
12-09-2014 14:16:10 Geplanter Prüfpunkt
12-09-2014 19:59:21 Windows Update
21-09-2014 12:24:36 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05DF4F74-7BAA-4E53-8A17-908AA55139C2} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {0F6B3921-9687-42C9-A5F2-1417D8130210} - System32\Tasks\{DBB782C7-C144-470E-ADB9-0AD407002E0B} => C:\Users\Maxi\Desktop\SoundTaxiPro-Download.exe
Task: {11B77C7F-413C-42D7-A274-AEFAAC685594} - System32\Tasks\{0379BC2E-F65C-4599-81F7-16FC850A6E39} => C:\Program Files (x86)\FlyingWSimulation\SuperTrafficBoard V3.2 FSX\TrafficBoardFrontEnd.exe [2012-11-14] (FlyingWSimulation)
Task: {1A6196DB-0C1E-4BE1-AFB2-5AE718E03E42} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1C8CC264-CD47-4E0F-A90B-20A4BFC8CA2B} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2010-02-03] (ASUSTeK Computer Inc.)
Task: {2B1F374B-EFCA-43C3-AD87-B0BDAB421855} - System32\Tasks\{F9909810-AE7B-442B-903A-F60B37E16CE9} => C:\Users\Maxi\Desktop\cjsX1100EN.exe
Task: {2ED8E833-3692-40AA-BB2B-FE40BFEAE6CC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {2ED94E90-A882-4A80-A09C-7033E2CA1280} - System32\Tasks\{032D47A1-70FE-449B-BFF2-CD25C31E936D} => C:\Users\Maxi\Desktop\Neuer Ordner (2)\flac.exe
Task: {37D07967-127E-436B-96C1-795B489F12AA} - System32\Tasks\GoogleUpdateTaskMachineUA1ce0ede2304e130 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-27] (Google Inc.)
Task: {40519D45-C61F-47D7-B42A-53E575AD0BDC} - System32\Tasks\{3EF7F2A2-1E21-4610-9EAE-FC4FD83E7356} => C:\Users\Maxi\Desktop\Neuer Ordner (2)\flac.exe
Task: {4376E24A-C7B1-443C-9506-AF24B05240A8} - System32\Tasks\{91C9AE9B-C99E-45F2-9B6A-32A7C6004BB3} => C:\Users\Maxi\Desktop\SoundTaxiPro-Download.exe
Task: {4EE93FE1-4E39-44CC-901D-CAF11280FBFF} - System32\Tasks\DealPly => C:\Users\Maxi\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {55EE029E-44A4-4043-AA9F-E4C6C38C7341} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {62061DB6-A505-4AEE-81E9-C03F54F322EE} - System32\Tasks\{75CEB8F2-0B47-453A-8CB3-D1A194CCEEE9} => C:\Program Files (x86)\drubware.net\FS Cabin Crew\fscabincrewmodule.exe [2013-10-04] (drubware.net)
Task: {626885C5-238D-429F-8DEF-2715BE9AE080} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software)
Task: {796B4252-8BAB-4AA4-A902-F72A058F7D4F} - System32\Tasks\{590F20DD-A016-460A-A363-2EE77B661732} => C:\Program Files (x86)\FlyingWSimulation\SuperTrafficBoard V3.2 FSX\TrafficBoardFrontEnd.exe [2012-11-14] (FlyingWSimulation)
Task: {9FB542F5-F96A-4EE0-85E6-E2A621583C93} - System32\Tasks\{A8A2C9C8-D749-4FD5-B298-CF285B43E6FF} => C:\Program Files (x86)\drubware.net\FS Cabin Crew\fscabincrewmodule.exe [2013-10-04] (drubware.net)
Task: {A7F02E5F-1329-433A-BB7B-3EC13C275D50} - System32\Tasks\Omiga Plus RunAsStdUser => C:\Program Files (x86)\Omiga Plus\omigaplus.exe
Task: {BC830272-B273-479D-8136-CA47FA55DA09} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-27] (Google Inc.)
Task: {F4E1C365-772C-4BD6-9F8F-6EFA4E5D157E} - System32\Tasks\{C32F8BFE-9C40-46CF-B60B-E6C38C86D760} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {FC1E2BE5-2706-426D-9109-D04239CCEA9D} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {FC899BD8-0719-4CA2-9812-2EE822C718A4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-27] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce0ede2304e130.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-09-17 16:00 - 2014-08-08 13:30 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2014-09-17 16:00 - 2014-08-26 16:14 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2014-09-17 16:00 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2014-09-17 16:00 - 2014-07-24 09:44 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpbr.mdl
2014-09-17 16:00 - 2014-07-24 09:44 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpdsp.mdl
2014-09-17 16:00 - 2014-07-24 09:44 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpph.mdl
2014-09-17 16:00 - 2014-07-24 09:44 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttprbl.mdl
2013-11-10 15:35 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2005-09-13 16:27 - 2005-09-13 16:27 - 00054784 _____ () C:\Windows\system32\lxbkcnv4.dll
2014-07-16 10:24 - 2014-07-16 10:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2011-09-03 16:50 - 2010-01-21 01:53 - 00496232 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2011-09-03 16:50 - 2010-01-21 01:52 - 00076392 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2011-09-03 16:50 - 2010-01-21 01:53 - 00731752 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2011-09-03 16:50 - 2010-01-21 01:53 - 00209000 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2011-09-04 15:21 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files (x86)\winrar\rarext.dll
2014-09-21 12:47 - 2014-09-06 02:54 - 06281536 _____ () C:\Users\Maxi\AppData\Local\Amazon Music\Amazon Music Helper.exe
2011-09-03 16:48 - 2010-05-24 11:10 - 00076192 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2011-09-03 16:48 - 2010-05-24 11:10 - 00383904 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2011-09-03 16:48 - 2010-05-24 11:10 - 00103328 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2011-09-03 16:48 - 2010-05-24 11:10 - 64641440 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-09-03 17:02 - 2009-03-19 22:35 - 00208896 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll
2011-09-03 17:02 - 2009-03-19 22:35 - 00008704 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll
2011-09-03 17:02 - 2009-01-15 14:55 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
2011-09-03 17:02 - 2009-03-25 16:53 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Maxi\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Maxi\Downloads\AmazonMusicInstaller.exe:BDU
AlternateDataStreams: C:\Users\Maxi\Downloads\Firefox_Setup_de31.0.exe:BDU
AlternateDataStreams: C:\Users\Maxi\Downloads\Fs-traffic.dll_Error_Repair-WinThruster.exe:BDU
AlternateDataStreams: C:\Users\Maxi\Downloads\Saitek_Pro_Flight_Quad_SD6_00000040_64_Drivers_pfw.exe:BDU
AlternateDataStreams: C:\Users\Maxi\Downloads\TuneUpUtilities2014_de-DE.exe:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Programmable Root Enumerator
Description: Programming Support
Class Guid: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
Manufacturer: Mad Catz
Service: SaiNtBus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (08/29/2014 03:52:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FS Global Real Weather.exe, Version 1.7.25.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 990

Startzeit: 01cfc36130a5a5c0

Endzeit: 18

Anwendungspfad: C:\Program Files (x86)\FSGRW\FS Global Real Weather.exe

Berichts-ID: b6c8fce1-2f83-11e4-b024-0270722b0501

Error: (08/29/2014 03:51:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: fsx.exe, Version: 10.0.61472.0, Zeitstempel: 0x475e17d3
Name des fehlerhaften Moduls: dinput.DLL, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bd9c0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000a495
ID des fehlerhaften Prozesses: 0x1374
Startzeit der fehlerhaften Anwendung: 0xfsx.exe0
Pfad der fehlerhaften Anwendung: fsx.exe1
Pfad des fehlerhaften Moduls: fsx.exe2
Berichtskennung: fsx.exe3

Error: (08/23/2014 04:12:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FS Global Real Weather.exe, Version 1.7.25.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: b58

Startzeit: 01cfbeb76028a210

Endzeit: 25

Anwendungspfad: C:\Program Files (x86)\FSGRW\FS Global Real Weather.exe

Berichts-ID: 7908eb31-2acf-11e4-aea7-0220b4530501

Error: (08/23/2014 04:12:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: fsx.exe, Version: 10.0.61472.0, Zeitstempel: 0x475e17d3
Name des fehlerhaften Moduls: dinput.DLL, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bd9c0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000a495
ID des fehlerhaften Prozesses: 0xf84
Startzeit der fehlerhaften Anwendung: 0xfsx.exe0
Pfad der fehlerhaften Anwendung: fsx.exe1
Pfad des fehlerhaften Moduls: fsx.exe2
Berichtskennung: fsx.exe3

Error: (08/23/2014 11:49:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: fsx.exe, Version: 10.0.61472.0, Zeitstempel: 0x475e17d3
Name des fehlerhaften Moduls: dinput.DLL, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bd9c0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000a495
ID des fehlerhaften Prozesses: 0x1688
Startzeit der fehlerhaften Anwendung: 0xfsx.exe0
Pfad der fehlerhaften Anwendung: fsx.exe1
Pfad des fehlerhaften Moduls: fsx.exe2
Berichtskennung: fsx.exe3

Error: (08/23/2014 11:07:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7601.18429, Zeitstempel: 0x5330ecd9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000003505c5
ID des fehlerhaften Prozesses: 0xf24
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (08/07/2014 04:54:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TuneUpSystemStatusCheck.exe, Version: 14.0.1000.340, Zeitstempel: 0x53c63655
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003bc24
ID des fehlerhaften Prozesses: 0x1680
Startzeit der fehlerhaften Anwendung: 0xTuneUpSystemStatusCheck.exe0
Pfad der fehlerhaften Anwendung: TuneUpSystemStatusCheck.exe1
Pfad des fehlerhaften Moduls: TuneUpSystemStatusCheck.exe2
Berichtskennung: TuneUpSystemStatusCheck.exe3

Error: (08/04/2014 03:42:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FS Global Real Weather.exe, Version 1.7.23.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 135c

Startzeit: 01cfafb9a0b82150

Endzeit: 7

Anwendungspfad: C:\Program Files (x86)\FSGRW\FS Global Real Weather.exe

Berichts-ID: 234feb41-1bdd-11e4-b046-0260402a0501

Error: (08/01/2014 02:23:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm fsx.exe, Version 10.0.61472.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 13c8

Startzeit: 01cfad754dd34500

Endzeit: 247

Anwendungspfad: C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exe

Berichts-ID: a16120d1-1976-11e4-ae07-0270ee470501

Error: (08/01/2014 10:07:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: fsx.exe, Version: 10.0.61472.0, Zeitstempel: 0x475e17d3
Name des fehlerhaften Moduls: dinput.DLL, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bd9c0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000a495
ID des fehlerhaften Prozesses: 0xd34
Startzeit der fehlerhaften Anwendung: 0xfsx.exe0
Pfad der fehlerhaften Anwendung: fsx.exe1
Pfad des fehlerhaften Moduls: fsx.exe2
Berichtskennung: fsx.exe3


System errors:
=============
Error: (09/22/2014 07:48:39 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{814C3C8B-7D03-491E-B1FE-2C33CB9BABD8}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (09/22/2014 07:45:52 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (09/22/2014 07:45:50 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.

Error: (09/22/2014 07:45:50 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (09/22/2014 06:05:12 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (09/22/2014 05:55:55 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (09/22/2014 05:54:48 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (09/22/2014 05:53:20 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (09/22/2014 05:49:52 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (09/21/2014 08:51:11 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: 


Microsoft Office Sessions:
=========================
Error: (08/29/2014 03:52:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FS Global Real Weather.exe1.7.25.099001cfc36130a5a5c018C:\Program Files (x86)\FSGRW\FS Global Real Weather.exeb6c8fce1-2f83-11e4-b024-0270722b0501

Error: (08/29/2014 03:51:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: fsx.exe10.0.61472.0475e17d3dinput.DLL6.1.7600.163854a5bd9c0c00000050000a495137401cfc3612a0b9580C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exeC:\Windows\system32\dinput.DLL9e0b85b0-2f83-11e4-b024-0270722b0501

Error: (08/23/2014 04:12:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FS Global Real Weather.exe1.7.25.0b5801cfbeb76028a21025C:\Program Files (x86)\FSGRW\FS Global Real Weather.exe7908eb31-2acf-11e4-aea7-0220b4530501

Error: (08/23/2014 04:12:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: fsx.exe10.0.61472.0475e17d3dinput.DLL6.1.7600.163854a5bd9c0c00000050000a495f8401cfbeb796524b70C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exeC:\Windows\system32\dinput.DLL7ad1c450-2acf-11e4-aea7-0220b4530501

Error: (08/23/2014 11:49:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: fsx.exe10.0.61472.0475e17d3dinput.DLL6.1.7600.163854a5bd9c0c00000050000a495168801cfbeb53bab93e0C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exeC:\Windows\system32\dinput.DLLc9bb55b0-2aaa-11e4-aea7-0220b4530501

Error: (08/23/2014 11:07:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4SHELL32.dll6.1.7601.184295330ecd9c000000500000000003505c5f2401cfbeadbe4c2a60C:\Windows\Explorer.EXEC:\Windows\system32\SHELL32.dllefdd7a30-2aa4-11e4-ae49-0240e7310501

Error: (08/07/2014 04:54:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TuneUpSystemStatusCheck.exe14.0.1000.34053c63655ole32.dll6.1.7601.175144ce7b96fc00000050003bc24168001cfb24f7dd4db40C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpSystemStatusCheck.exeC:\Windows\syswow64\ole32.dllcbed7080-1e42-11e4-b0a1-0220743b0501

Error: (08/04/2014 03:42:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FS Global Real Weather.exe1.7.23.0135c01cfafb9a0b821507C:\Program Files (x86)\FSGRW\FS Global Real Weather.exe234feb41-1bdd-11e4-b046-0260402a0501

Error: (08/01/2014 02:23:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: fsx.exe10.0.61472.013c801cfad754dd34500247C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exea16120d1-1976-11e4-ae07-0270ee470501

Error: (08/01/2014 10:07:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: fsx.exe10.0.61472.0475e17d3dinput.DLL6.1.7600.163854a5bd9c0c00000050000a495d3401cfad5c5b443960C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exeC:\Windows\system32\dinput.DLLe9e16140-1952-11e4-a6c9-02d0a5490501


CodeIntegrity Errors:
===================================
  Date: 2012-09-06 11:24:56.336
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-09-06 11:24:56.283
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-09-06 11:24:34.901
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-09-06 11:24:34.848
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-09-06 11:23:22.141
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-09-06 11:23:22.086
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: AMD Phenom(tm) II X4 955 Processor
Percentage of memory in use: 28%
Total physical RAM: 4095.23 MB
Available physical RAM: 2940.53 MB
Total Pagefile: 8188.63 MB
Available Pagefile: 6390.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:451.85 GB) (Free:312.54 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:13.82 GB) (Free:13.65 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 000140AE)
Partition 1: (Active) - (Size=451.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=13.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

LG

schrauber · 23.09.2014, 18:28

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

maxwell0901 · 23.09.2014, 20:12

Hi,
vielen Dank für die Hilfe, anbei die log.txt

Code:

ATTFilter

ComboFix 14-09-22.01 - Maxi 23.09.2014  20:56:37.2.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.4095.2495 [GMT 2:00]
ausgeführt von:: c:\users\Maxi\Desktop\ComboFix.exe
AV: Bitdefender Antivirus *Disabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
FW: Bitdefender Firewall *Disabled* {A23392FD-84B9-F933-2C71-81E751F6EF46}
SP: Bitdefender Spyware-Schutz *Disabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-08-23 bis 2014-09-23  ))))))))))))))))))))))))))))))
.
.
2014-09-23 19:03 . 2014-09-23 19:03	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-09-22 17:47 . 2014-09-22 17:51	--------	d-----w-	C:\FRST
2014-09-21 10:47 . 2014-09-21 10:47	--------	d-----w-	c:\users\Maxi\AppData\Local\Amazon Music
2014-09-20 08:48 . 2014-09-20 08:49	--------	d-----w-	c:\program files (x86)\DVDVideoSoft
2014-09-20 08:48 . 2014-09-20 08:49	--------	d-----w-	c:\program files (x86)\Common Files\DVDVideoSoft
2014-09-17 14:31 . 2014-09-17 14:31	76944	----a-w-	c:\windows\system32\drivers\bdvedisk.sys
2014-09-17 14:31 . 2014-09-17 14:31	74512	----a-w-	c:\windows\system32\bdsandboxuiskin32.dll
2014-09-17 14:00 . 2013-11-13 13:41	93600	----a-w-	c:\windows\system32\drivers\BdfNdisf6.sys
2014-09-17 14:00 . 2013-11-04 13:47	82824	----a-w-	c:\windows\system32\drivers\bdsandbox.sys
2014-09-17 14:00 . 2014-05-16 11:04	647752	----a-w-	c:\windows\system32\drivers\avckf.sys
2014-09-17 14:00 . 2014-05-16 11:01	1260120	----a-w-	c:\windows\system32\drivers\avc3.sys
2014-09-17 13:55 . 2014-09-17 14:07	--------	d-----w-	c:\users\Maxi\AppData\Roaming\Bitdefender
2014-09-17 13:55 . 2013-08-13 11:38	3271472	---ha-w-	C:\bdr-bz01
2014-09-17 13:52 . 2013-08-23 11:48	150256	----a-w-	c:\windows\system32\drivers\gzflt.sys
2014-09-17 13:52 . 2014-07-02 15:47	419616	----a-w-	c:\windows\system32\drivers\trufos.sys
2014-09-16 15:23 . 2013-11-04 13:47	74512	----a-w-	c:\windows\SysWow64\bdsandboxuiskin32.dll
2014-09-16 15:14 . 2014-09-17 13:52	--------	d-----w-	c:\program files\Bitdefender
2014-09-16 15:13 . 2014-09-17 14:01	--------	d-----w-	c:\programdata\Bitdefender
2014-09-16 15:13 . 2013-11-04 13:47	84848	----a-w-	c:\windows\system32\BDSandBoxUISkin.dll
2014-09-16 15:13 . 2013-11-04 13:46	34384	----a-w-	c:\windows\system32\BDSandBoxUH.dll
2014-09-15 14:51 . 2014-09-17 14:17	--------	d-----w-	c:\program files (x86)\Avira
2014-09-12 20:08 . 2014-08-18 21:51	446464	----a-w-	c:\windows\system32\dxtmsft.dll
2014-09-12 19:59 . 2014-06-27 02:08	2777088	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2014-09-12 19:59 . 2014-06-27 01:45	2285056	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-12 13:19 . 2014-08-01 11:53	1031168	----a-w-	c:\windows\system32\TSWorkspace.dll
2014-09-12 13:19 . 2014-08-01 11:35	793600	----a-w-	c:\windows\SysWow64\TSWorkspace.dll
2014-09-12 13:18 . 2014-06-24 03:29	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2014-09-12 13:18 . 2014-06-24 02:59	1987584	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2014-09-12 13:18 . 2014-07-07 02:06	728064	----a-w-	c:\windows\system32\kerberos.dll
2014-09-12 13:18 . 2014-07-07 02:06	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-09-12 13:18 . 2014-07-07 01:40	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2014-09-12 13:18 . 2014-07-07 01:40	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2014-09-12 13:18 . 2014-07-07 01:39	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2014-09-12 13:18 . 2014-09-05 02:10	578048	----a-w-	c:\windows\system32\aepdu.dll
2014-09-12 13:18 . 2014-09-05 02:05	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-08-28 08:17 . 2014-08-23 02:07	404480	----a-w-	c:\windows\system32\gdi32.dll
2014-08-28 08:17 . 2014-08-23 01:45	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
2014-08-28 08:17 . 2014-08-23 00:59	3163648	----a-w-	c:\windows\system32\win32k.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-23 18:22 . 2012-05-16 20:03	701104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-23 18:22 . 2011-09-03 15:12	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-12 20:00 . 2012-01-21 08:48	101694776	----a-w-	c:\windows\system32\MRT.exe
2014-07-25 00:35 . 2014-07-25 00:35	875688	----a-w-	c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47	869544	----a-w-	c:\windows\system32\msvcr120_clr0400.dll
2014-07-16 08:24 . 2014-07-24 08:42	40760	----a-w-	c:\windows\system32\TURegOpt.exe
2014-07-16 08:24 . 2014-07-24 08:42	29496	----a-w-	c:\windows\system32\authuitu.dll
2014-07-16 08:24 . 2014-07-24 08:42	25400	----a-w-	c:\windows\SysWow64\authuitu.dll
2014-07-16 03:23 . 2014-08-23 09:11	2048	----a-w-	c:\windows\system32\tzres.dll
2014-07-16 02:46 . 2014-08-23 09:11	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2014-07-14 02:02 . 2014-08-23 09:04	1216000	----a-w-	c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-08-23 09:04	664064	----a-w-	c:\windows\SysWow64\rpcrt4.dll
2014-07-07 22:32 . 2014-07-07 22:32	0	---ha-w-	c:\users\Maxi\AppData\Local\BITF797.tmp
2014-06-30 22:24 . 2014-08-23 20:17	8856	----a-w-	c:\windows\system32\icardres.dll
2014-06-30 22:14 . 2014-08-23 20:17	8856	----a-w-	c:\windows\SysWow64\icardres.dll
2013-12-06 22:19 . 2013-12-06 22:19	49940480	----a-w-	c:\program files (x86)\GUT8570.tmp
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Spotify Web Helper"="c:\users\Maxi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-08-28 1245752]
"Bitdefender-Geldbörse-Agent"="c:\program files\Bitdefender\Bitdefender 2015\bdwtxag.exe" [2014-08-14 815088]
"Amazon Music"="c:\users\Maxi\AppData\Local\Amazon Music\Amazon Music Helper.exe" [2014-09-06 6281536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-05-24 2439072]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2014-02-07 443408]
"RIM PeerManager"="c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe" [2014-05-07 4493824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
R3 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender 2015\bdparentalservice.exe;c:\program files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [x]
R3 bdfwfpf_pc;bdfwfpf_pc;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [x]
R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys;c:\windows\SYSNATIVE\drivers\bdsandbox.sys [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x]
R3 DrmRAudio;DrmRAudio;c:\windows\system32\drivers\DrmRAudio.sys;c:\windows\SYSNATIVE\drivers\DrmRAudio.sys [x]
R3 GSService;GSService;c:\windows\SysWOW64\GSService.exe;c:\windows\SysWOW64\GSService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys;c:\windows\SYSNATIVE\DRIVERS\ivusb.sys [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x]
R3 SaiH0C2D;SaiH0C2D;c:\windows\system32\DRIVERS\SaiH0C2D.sys;c:\windows\SYSNATIVE\DRIVERS\SaiH0C2D.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 usbrndis6;USB-RNDIS6-Adapter;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R3 WmaCAudio;WmaCAudio;c:\windows\system32\drivers\WmaCAudio.sys;c:\windows\SYSNATIVE\drivers\WmaCAudio.sys [x]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(1).sys [x]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(2).sys [x]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(3).sys [x]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(4).sys [x]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(5).sys [x]
R4 BlackBerry Device Manager;BlackBerry Device Manager;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [x]
R4 RIM MDNS;RIM MDNS;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [x]
R4 RIM Tunnel Service;BlackBerry Link Communication Manager;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe service;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe service [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [x]
S2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe;c:\windows\SYSNATIVE\lxbkcoms.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2015\updatesrv.exe;c:\program files\Bitdefender\Bitdefender 2015\updatesrv.exe [x]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x]
S3 rimvndis;BlackBerry Virtual Private Network;c:\windows\system32\Drivers\rimvndis6_AMD64.sys;c:\windows\SYSNATIVE\Drivers\rimvndis6_AMD64.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-09-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-16 18:22]
.
2014-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-27 16:55]
.
2014-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA1ce0ede2304e130.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-27 16:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"lxbkbmgr.exe"="c:\program files (x86)\Lexmark X1100 Series\lxbkbmgr.exe" [2008-02-28 74408]
"ProfilerU"="c:\program files\SmartTechnology\Software\ProfilerU.exe" [2013-04-16 454144]
"SaiMfd"="c:\program files\SmartTechnology\Software\SaiMfd.exe" [2013-04-16 158208]
"Bdagent"="c:\program files\Bitdefender\Bitdefender 2015\bdagent.exe" [2014-08-20 1580360]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 192.168.*.*
IE: Save Flash - c:\program files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
IE: Save YouTube Video - c:\program files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/217
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Maxi\AppData\Roaming\mozilla\firefox\Profiles\2gs3k6tl.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-{40c3cc16-7269-4b32-9531-17f2950fb06f} - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3194724861-4292890466-1671743591-1000\Software\SecuROM\License information*]
"datasecu"=hex:62,7c,86,22,c8,9b,61,81,5a,91,6b,f2,25,b6,28,8a,90,2f,e4,2f,1d,
   09,72,95,54,8e,5f,ff,9c,59,20,72,2d,18,be,ac,98,d2,9a,76,e0,64,90,f4,f9,30,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-09-23  21:07:05
ComboFix-quarantined-files.txt  2014-09-23 19:07
ComboFix2.txt  2014-09-23 18:46
.
Vor Suchlauf: 17 Verzeichnis(se), 340.286.726.144 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 340.222.054.400 Bytes frei
.
- - End Of File - - 78935961773B284A4E3E6060B6A1274C
A36C5E4F47E84449FF07ED3517B43A31

LG Maxi

schrauber · 24.09.2014, 11:38

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

maxwell0901 · 24.09.2014, 17:27

Hi,
vielen Dank für die schnelle Antwort.
Anbei die txt Dateien:
mbam.txt

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 24.09.2014
Suchlauf-Zeit: 17:17:45
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.09.24.07
Rootkit Datenbank: v2014.09.19.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Maxi

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 338623
Verstrichene Zeit: 20 Min, 18 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 14
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [750200f1bebd77bf682cae1850b20bf5], 
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [750200f1bebd77bf682cae1850b20bf5], 
PUP.Optional.Babylon.A, HKU\S-1-5-21-3194724861-4292890466-1671743591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [1265e50c582357dfbc6af7963cc603fd], 
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [c8afd120c5b6bb7b4581312e9470d729], 
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, In Quarantäne, [b9bef0013447a096808f978a39cafa06], 
PUP.Optional.qvo6.A, HKLM\SOFTWARE\WOW6432NODE\qvo6Software, In Quarantäne, [a8cf757ccdaebf7733434412c73d7987], 
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [1661a24fbcbfe056ffc78bd4b74d05fb], 
PUP.Optional.RegCleanPro.A, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\RegClean Pro, In Quarantäne, [76012bc683f8290d5fc84bcdbb4842be], 
PUP.Optional.BundleInstaller.A, HKLM\SOFTWARE\WOW6432NODE\VITTALIA\AxtanInstaller, In Quarantäne, [185fe60bf98260d6c09bae8de61d21df], 
PUP.Optional.DataMngr.A, HKU\S-1-5-21-3194724861-4292890466-1671743591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, In Quarantäne, [651230c1c9b2b383db2cb3a138ccb24e], 
PUP.Optional.PriceGong.A, HKU\S-1-5-21-3194724861-4292890466-1671743591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, In Quarantäne, [5c1b14dda3d85adca4a1c57320e3cc34], 
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-3194724861-4292890466-1671743591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nikpibnbobmbdbheedjfogjlikpgpnhp, In Quarantäne, [adca975a1e5d03332120749559aace32], 
PUP.Optional.Qone8, HKU\S-1-5-21-3194724861-4292890466-1671743591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [87f01ed36d0e7eb8b80d4d12a460857b], 
PUP.Optional.Softonic.A, HKU\S-1-5-21-3194724861-4292890466-1671743591-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [ee89f8f9e8935dd9e4184ede2bd89e62], 

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 2
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[3a3da64baad171c54cf721ebc3427b85]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[90e747aa49320c2a9ea564a8ce3719e7]

Ordner: 18
PUP.Optional.eSafe.A, C:\ProgramData\eSafe\log, In Quarantäne, [0770e40d0873171fd446e05a41c2fb05], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\1, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\3, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\35, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\36, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\39, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\4, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\41, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\42, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\desk_bkg, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\promote, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\sysicons, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\wp, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.OPtional.Dealply.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly, In Quarantäne, [3740628f9dde2511c9b6d67db74dee12], 

Dateien: 89
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Omiga Plus\wallpaper_components.exe, In Quarantäne, [403717da6e0db0862e2d66ccbb4a38c8], 
PUP.Optional.Conduit.A, C:\Users\Maxi\AppData\Local\Conduit\CT2319825\WinloadAutoUpdateHelper.exe, In Quarantäne, [7106bd34512a49ed600856c853ad51af], 
PUP.Optional.DealPly.A, C:\Windows\System32\Tasks\DealPly, In Quarantäne, [da9ddf12691244f2a56f37e46b98f907], 
PUP.Optional.eSafe.A, C:\ProgramData\eSafe\log\eGdpSvc.LOG, In Quarantäne, [0770e40d0873171fd446e05a41c2fb05], 
PUP.Optional.eSafe.A, C:\ProgramData\eSafe\log\eSafeSvc.LOG, In Quarantäne, [0770e40d0873171fd446e05a41c2fb05], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\promote.xml, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\accelerate, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\desk_bkg_list.xml, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\desk_list.xml, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\desk_settings.ini, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\firstrun, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\process_mgr.xml, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\1\angrybirds.db, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\1\angrybirds.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\3\BigFarm.db, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\3\BigFarm.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\35\Gmail.db, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\35\Gmail.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\36\Outlook.db, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\36\Outlook.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\39\ESPN.db, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\39\ESPN.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\4\Empire.db, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\4\Empire.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\41\gcalendar.db, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\41\gcalendar.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\42\pulse.db, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\app\config\42\pulse.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_1.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_2.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_3.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_4.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_5.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_default.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\337_7c9140b13c049fd26989f7fa25b77cb1_48_48.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\angrybirds_00ff92c12703baaf0130d6aec427d047_48_48.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\Barbie_00a67ff4ef657679a6c88553135d62ad_48_48.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\BigFarm_de933b0e5218a4db24bebe3d55ed3558_48_48.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\chrome_86ad215464f8170bde87d3ce425ea7c6.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\chrome_86ad215464f8170bde87d3ce425ea7c6_48_48.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\Empire_22b42f57d1c467841280810e218d5510_48_48.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\ESPN_a7b078f5f5f5b87efcef66ab5783cf9d_48_48.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\Facebook_aab07bc79cf599b25c0110f32d46a3ef_48_48.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\gcalendar_50b3e3c5fc202f0cfcae8032b2465c1b_48_48.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\Gmail_731b6d011bd9f67463a916a496775935_48_48.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\Google_60d75cb277f0c452fa60dba8350caf65_48_48.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\iexplore_d961e92e13d8a8cf69b4ca0a867c77bd.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\iexplore_d961e92e13d8a8cf69b4ca0a867c77bd_48_48.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\Mario_52934d81761dc31187a93a3a0be7fecc_48_48.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\Outlook_6f817b67fa6af1a9c8abfa3813a8595c_48_48.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\pulse_b5a242da04cc06eacd02b1ca41e3583c_48_48.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\sys_computer_48_48.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\sys_control_panel_48_48.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\sys_my_documents_48_48.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a_48_48.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\icons\Youtube_bf18fdfc4aefd6417a8bacae4be5b415_48_48.png, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\promote\337.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\promote\337_7c9140b13c049fd26989f7fa25b77cb1.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\promote\barbie.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\promote\Barbie_00a67ff4ef657679a6c88553135d62ad.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\promote\facebook.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\promote\Facebook_aab07bc79cf599b25c0110f32d46a3ef.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\promote\GameCenter.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\promote\google.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\promote\Google_60d75cb277f0c452fa60dba8350caf65.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\promote\mario.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\promote\Mario_52934d81761dc31187a93a3a0be7fecc.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\promote\twitter.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\promote\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\promote\v9.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\promote\youtube.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\promote\Youtube_bf18fdfc4aefd6417a8bacae4be5b415.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\sysicons\imageres.dll_104.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\sysicons\imageres.dll_107.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\sysicons\shell32.dll_21.ico, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\wp\r0.jpg, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\wp\r1.jpg, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\wp\r2.jpg, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\wp\r3.jpg, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\wp\r4.jpg, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\wp\r5.jpg, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\wp\r6.jpg, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\wp\r7.jpg, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\wp\r8.jpg, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.Optional.Desk365.A, C:\Users\Maxi\AppData\Roaming\Desk 365\wp\r9.jpg, In Quarantäne, [ef88df12ccafdb5b0af5ff52956f1ee2], 
PUP.OPtional.Dealply.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly\Uninstall DealPly.lnk, In Quarantäne, [3740628f9dde2511c9b6d67db74dee12], 
PUP.OPtional.Dealply.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly\DealPly Help.lnk, In Quarantäne, [3740628f9dde2511c9b6d67db74dee12], 
PUP.OPtional.Dealply.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly\DealPly.lnk, In Quarantäne, [3740628f9dde2511c9b6d67db74dee12], 
PUP.Optional.BrowserDefender.A, C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage, In Quarantäne, [4f28b140d2a90333d386ce8935cffb05], 

Physische Sektoren: 0
(No malicious items detected)


(end)

Adwcleaner.txt

Code:

ATTFilter

# AdwCleaner v3.310 - Bericht erstellt am 24/09/2014 um 18:04:19
# Aktualisiert 12/09/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Maxi - MAXI-PC
# Gestartet von : C:\Users\Maxi\Downloads\AdwCleaner_3.310.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\DeviceVM
Ordner Gelöscht : C:\ProgramData\eSafe
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Program Files (x86)\Winload
Ordner Gelöscht : C:\Users\Maxi\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Maxi\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Maxi\AppData\LocalLow\Winload
Ordner Gelöscht : C:\Users\Maxi\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Maxi\AppData\Roaming\DeviceVM
Ordner Gelöscht : C:\Users\Maxi\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Maxi\AppData\Roaming\eIntaller
Ordner Gelöscht : C:\Users\Maxi\AppData\Roaming\Omiga Plus
Ordner Gelöscht : C:\Users\Maxi\AppData\Roaming\WinZipper

***** [ Tasks ] *****

Task Gelöscht : Dealply
Task Gelöscht : Desk 365 RunAsStdUser
Task Gelöscht : Omiga Plus RunAsStdUser

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Maxi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Maxi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Maxi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2319825
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_replay-music_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_replay-music_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_super_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_super_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4D494D9D-1436-41D8-AC95-35AA4F4AEFAF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D494D9D-1436-41D8-AC95-35AA4F4AEFAF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4D494D9D-1436-41D8-AC95-35AA4F4AEFAF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AA0B768-2F14-46C3-BF84-02B194BD2697}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96BAAAB8-9506-4799-B62E-DB2FA2172208}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\powerpack
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\winload
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\winload
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Desksvc
Schlüssel Gelöscht : HKLM\SOFTWARE\hdcode
Schlüssel Gelöscht : HKLM\SOFTWARE\omigaplusSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\SoftwareUpdater
Schlüssel Gelöscht : HKLM\SOFTWARE\Solvusoft
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Vittalia
Schlüssel Gelöscht : HKLM\SOFTWARE\winload
Schlüssel Gelöscht : HKLM\SOFTWARE\winzipersvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winload Toolbar

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.2 (x86 de)

[ Datei : C:\Users\Maxi\AppData\Roaming\Mozilla\Firefox\Profiles\2gs3k6tl.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Extension] : nikpibnbobmbdbheedjfogjlikpgpnhp

*************************

AdwCleaner[R0].txt - [6577 octets] - [24/09/2014 18:01:23]
AdwCleaner[S0].txt - [5515 octets] - [24/09/2014 18:04:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5575 octets] ##########

JRT.txt

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.2.0 (09.22.2014:1)
OS: Windows 7 Professional x64
Ran by Maxi on 24.09.2014 at 18:10:33.00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{116C6F52-A7E4-4ECB-9AFA-5F063E52C0BB}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F81D52BF-F2F1-4F49-BF5F-05664E803039}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F81D52BF-F2F1-4F49-BF5F-05664E803039}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Maxi\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Maxi\AppData\Roaming\mozilla\firefox\profiles\2gs3k6tl.default\minidumps [6 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.09.2014 at 18:13:12.31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST.txt

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2014
Ran by Maxi (administrator) on MAXI-PC on 24-09-2014 18:16:07
Running from C:\Users\Maxi\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
( ) C:\Windows\System32\lxbkcoms.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmon.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Maxi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
() C:\Users\Maxi\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwtxapps.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [lxbkbmgr.exe] => C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe [74408 2008-02-28] (Lexmark International, Inc.)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1580360 2014-08-20] (Bitdefender)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2439072 2010-05-24] (VIA)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-02-07] (BlackBerry Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4493824 2014-05-07] (Research In Motion Limited)
HKU\S-1-5-21-3194724861-4292890466-1671743591-1000\...\Run: [Spotify Web Helper] => C:\Users\Maxi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-28] (Spotify Ltd)
HKU\S-1-5-21-3194724861-4292890466-1671743591-1000\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [815088 2014-08-14] (Bitdefender)
HKU\S-1-5-21-3194724861-4292890466-1671743591-1000\...\Run: [Amazon Music] => C:\Users\Maxi\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-06] ()
HKU\S-1-5-21-3194724861-4292890466-1671743591-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Maxi\AppData\Roaming\Mozilla\Firefox\Profiles\2gs3k6tl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.4.1 -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Maxi\AppData\Roaming\Mozilla\Firefox\Profiles\2gs3k6tl.default\Extensions\abs@avira.com [2014-09-15]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2014-09-17]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2014-09-17]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext

Chrome: 
=======
CHR HomePage: Default -> 
CHR Profile: C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-11]
CHR Extension: (Google Drive) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-11]
CHR Extension: (YouTube) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-11]
CHR Extension: (Google-Suche) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-11]
CHR Extension: (BB10 / PlayBook App Manager) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbaalodpmjjhpobkgljnelbpblnikkp [2014-05-26]
CHR Extension: (Google Wallet) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Google Mail) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [77632 2014-08-08] (Bitdefender)
S4 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited) [File not signed]
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [496232 2010-01-21] ()
S3 GSService; C:\Windows\SysWOW64\GSService.exe [490208 2013-06-17] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 lxbk_device; C:\Windows\system32\lxbkcoms.exe [565928 2008-02-19] ( )
R2 lxbk_device; C:\Windows\SysWOW64\lxbkcoms.exe [537256 2008-02-19] ( )
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [209000 2010-01-21] ()
S4 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-05-07] (Apple Inc.) [File not signed]
S4 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1324544 2014-05-07] (Research In Motion Limited) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-08-08] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1513952 2014-08-11] (Bitdefender)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1260120 2014-05-16] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-05-16] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-11-13] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
S3 DrmRAudio; C:\Windows\System32\drivers\DrmRAudio.sys [34528 2013-03-28] (Windows (R) Win 7 DDK provider)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-05-07] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 SaiH0C2D; C:\Windows\System32\DRIVERS\SaiH0C2D.sys [176128 2007-07-02] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [419616 2014-07-02] (BitDefender S.R.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-06-23] (TuneUp Software)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 WmaCAudio; C:\Windows\System32\drivers\WmaCAudio.sys [34528 2013-06-17] (Windows (R) Win 7 DDK provider)
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-24 18:16 - 2014-09-24 18:16 - 00014993 _____ () C:\Users\Maxi\Desktop\FRST.txt
2014-09-24 18:15 - 2014-09-24 18:15 - 00000000 ____D () C:\Users\Maxi\Desktop\FRST-OlderVersion
2014-09-24 18:13 - 2014-09-24 18:13 - 00001453 _____ () C:\Users\Maxi\Desktop\JRT.txt
2014-09-24 18:10 - 2014-09-24 18:10 - 00000000 ____D () C:\Windows\ERUNT
2014-09-24 18:08 - 2014-09-24 18:08 - 01024790 _____ (Thisisu) C:\Users\Maxi\Desktop\JRT.exe
2014-09-24 18:07 - 2014-09-24 18:07 - 00005655 _____ () C:\Users\Maxi\Desktop\AdwCleaner[S0].txt
2014-09-24 18:01 - 2014-09-24 18:04 - 00000000 ____D () C:\AdwCleaner
2014-09-24 18:00 - 2014-09-24 18:00 - 01373475 _____ () C:\Users\Maxi\Downloads\AdwCleaner_3.310.exe
2014-09-24 17:39 - 2014-09-24 17:39 - 00019591 _____ () C:\Users\Maxi\Desktop\mbam.txt
2014-09-24 17:16 - 2014-09-24 17:17 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-24 17:16 - 2014-09-24 17:16 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-24 17:16 - 2014-09-24 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-24 17:16 - 2014-09-24 17:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-24 17:16 - 2014-09-24 17:16 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-24 17:16 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-24 17:16 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-24 17:16 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-24 17:15 - 2014-09-24 17:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Maxi\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-23 21:07 - 2014-09-23 21:07 - 00020716 _____ () C:\ComboFix.txt
2014-09-23 20:26 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-23 20:26 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-23 20:26 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-23 20:26 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-23 20:26 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-23 20:26 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-23 20:26 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-23 20:26 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-23 20:25 - 2014-09-23 21:07 - 00000000 ____D () C:\Qoobox
2014-09-23 20:25 - 2014-09-23 20:42 - 00000000 ____D () C:\Windows\erdnt
2014-09-23 20:22 - 2014-09-23 20:22 - 05579290 ____R (Swearware) C:\Users\Maxi\Desktop\ComboFix.exe
2014-09-23 18:01 - 2014-09-23 18:01 - 03129123 _____ () C:\Users\Maxi\Downloads\Anhänge_20140923.zip
2014-09-22 19:47 - 2014-09-24 18:16 - 00000000 ____D () C:\FRST
2014-09-22 19:47 - 2014-09-24 18:15 - 02106880 _____ (Farbar) C:\Users\Maxi\Desktop\FRST64.exe
2014-09-22 19:47 - 2014-09-22 19:48 - 00018221 _____ () C:\Users\Maxi\Downloads\FRST.txt
2014-09-21 13:46 - 2014-09-21 13:47 - 01307544 _____ () C:\Windows\Minidump\092114-18267-01.dmp
2014-09-21 12:47 - 2014-09-21 12:47 - 00001122 _____ () C:\Users\Maxi\Desktop\Amazon Music.lnk
2014-09-21 12:45 - 2014-09-21 12:46 - 39967720 _____ (Amazon) C:\Users\Maxi\Downloads\AmazonMusicInstaller.exe
2014-09-20 11:00 - 2014-09-20 11:00 - 00262144 ____N () C:\Windows\Minidump\092014-41839-01.dmp
2014-09-20 10:49 - 2014-09-20 10:49 - 00001536 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-09-20 10:49 - 2014-09-20 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-20 10:48 - 2014-09-20 10:49 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-20 10:46 - 2014-09-20 10:46 - 30419936 _____ (DVDVideoSoft Ltd. ) C:\Users\Maxi\Downloads\FreeYouTubeToMP3Converter3.12.44.908.exe
2014-09-20 10:45 - 2014-09-20 10:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-17 16:31 - 2014-09-17 16:31 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-09-17 16:31 - 2014-09-17 16:31 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-09-17 16:01 - 2014-09-17 16:01 - 00002126 _____ () C:\Users\Public\Desktop\Bitdefender Internet Security 2015.lnk
2014-09-17 16:01 - 2014-09-17 16:01 - 00000684 ____H () C:\bdr-cf01
2014-09-17 16:01 - 2014-09-17 16:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2014-09-17 16:00 - 2014-05-16 13:04 - 00647752 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-09-17 16:00 - 2014-05-16 13:01 - 01260120 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-09-17 16:00 - 2013-11-13 15:41 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2014-09-17 16:00 - 2013-11-04 15:47 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2014-09-17 15:55 - 2014-09-17 16:07 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\Bitdefender
2014-09-17 15:55 - 2014-09-17 16:01 - 00253404 ____H () C:\bdr-ld01
2014-09-17 15:55 - 2014-09-17 16:01 - 00009216 ____H () C:\bdr-ld01.mbr
2014-09-17 15:55 - 2014-07-04 17:49 - 49563064 ____H () C:\bdr-im01.gz
2014-09-17 15:55 - 2013-08-13 13:38 - 03271472 ____H () C:\bdr-bz01
2014-09-17 15:52 - 2014-07-02 17:47 - 00419616 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-09-17 15:52 - 2013-08-23 13:48 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-09-16 17:23 - 2013-11-04 15:47 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2014-09-16 17:14 - 2014-09-17 15:52 - 00000000 ____D () C:\Program Files\Bitdefender
2014-09-16 17:13 - 2014-09-17 16:01 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-09-16 17:13 - 2013-11-04 15:47 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2014-09-16 17:13 - 2013-11-04 15:46 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2014-09-15 18:11 - 2014-09-15 18:11 - 00262144 ____N () C:\Windows\Minidump\091514-25443-01.dmp
2014-09-15 16:51 - 2014-09-17 16:17 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-15 16:39 - 2014-09-15 16:43 - 149527616 _____ () C:\Users\Maxi\Downloads\avira_free_antivirus_de_14.0.6.570.exe
2014-09-14 14:30 - 2014-09-14 14:30 - 00000052 _____ () C:\Users\Maxi\Desktop\z .txt
2014-09-14 13:53 - 2014-09-14 13:53 - 00915646 _____ () C:\Users\Maxi\Downloads\Anschreibe
2014-09-12 22:09 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-12 22:09 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-12 22:09 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-12 22:09 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-12 22:09 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-12 22:09 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-12 22:09 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-12 22:09 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-12 22:09 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 22:09 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-12 22:09 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-12 22:09 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-12 22:08 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-12 22:08 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-12 22:08 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-12 22:08 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-12 22:08 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-12 22:08 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-12 22:08 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-12 22:08 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-12 22:08 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-12 22:08 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-12 22:08 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-12 22:08 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-12 22:08 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-12 22:08 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-12 22:08 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-12 22:08 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-12 22:08 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-12 22:08 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-12 22:08 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-12 22:08 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-12 22:08 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-12 22:08 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-12 22:08 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-12 22:08 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-12 22:08 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-12 22:08 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-12 22:08 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-12 22:08 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-12 22:08 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-12 22:08 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 22:08 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-12 22:08 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-12 22:08 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-12 22:08 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-12 22:08 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-12 22:08 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-12 22:08 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-12 22:08 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-12 22:08 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-12 22:08 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-12 22:08 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-12 22:08 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-12 22:08 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-12 22:08 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-12 21:59 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-12 21:59 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-12 15:19 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-12 15:19 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-12 15:18 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-12 15:18 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-12 15:18 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-12 15:18 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-12 15:18 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-12 15:18 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-12 15:18 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-12 15:18 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-12 15:18 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-08-29 17:05 - 2014-09-21 13:46 - 402282750 _____ () C:\Windows\MEMORY.DMP
2014-08-29 17:05 - 2014-08-29 17:05 - 00786120 _____ () C:\Windows\Minidump\082914-30139-01.dmp
2014-08-28 19:12 - 2014-09-24 18:05 - 00195346 _____ () C:\Windows\PFRO.log
2014-08-28 10:17 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 10:17 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 10:17 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-24 18:17 - 2014-09-24 18:16 - 00014993 _____ () C:\Users\Maxi\Desktop\FRST.txt
2014-09-24 18:16 - 2014-09-22 19:47 - 00000000 ____D () C:\FRST
2014-09-24 18:15 - 2014-09-24 18:15 - 00000000 ____D () C:\Users\Maxi\Desktop\FRST-OlderVersion
2014-09-24 18:15 - 2014-09-22 19:47 - 02106880 _____ (Farbar) C:\Users\Maxi\Desktop\FRST64.exe
2014-09-24 18:13 - 2014-09-24 18:13 - 00001453 _____ () C:\Users\Maxi\Desktop\JRT.txt
2014-09-24 18:13 - 2009-07-14 06:45 - 00030560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-24 18:13 - 2009-07-14 06:45 - 00030560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-24 18:10 - 2014-09-24 18:10 - 00000000 ____D () C:\Windows\ERUNT
2014-09-24 18:10 - 2011-09-03 14:12 - 01271131 _____ () C:\Windows\WindowsUpdate.log
2014-09-24 18:08 - 2014-09-24 18:08 - 01024790 _____ (Thisisu) C:\Users\Maxi\Desktop\JRT.exe
2014-09-24 18:07 - 2014-09-24 18:07 - 00005655 _____ () C:\Users\Maxi\Desktop\AdwCleaner[S0].txt
2014-09-24 18:06 - 2014-07-27 16:58 - 00003656 _____ () C:\Windows\setupact.log
2014-09-24 18:06 - 2011-11-27 18:55 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-24 18:06 - 2011-11-08 21:53 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-24 18:06 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-24 18:05 - 2014-08-28 19:12 - 00195346 _____ () C:\Windows\PFRO.log
2014-09-24 18:04 - 2014-09-24 18:01 - 00000000 ____D () C:\AdwCleaner
2014-09-24 18:04 - 2011-09-03 16:34 - 00000993 _____ () C:\Users\Maxi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-24 18:00 - 2014-09-24 18:00 - 01373475 _____ () C:\Users\Maxi\Downloads\AdwCleaner_3.310.exe
2014-09-24 18:00 - 2013-02-19 22:17 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce0ede2304e130.job
2014-09-24 17:39 - 2014-09-24 17:39 - 00019591 _____ () C:\Users\Maxi\Desktop\mbam.txt
2014-09-24 17:18 - 2013-07-10 17:03 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-24 17:17 - 2014-09-24 17:16 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-24 17:16 - 2014-09-24 17:16 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-24 17:16 - 2014-09-24 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-24 17:16 - 2014-09-24 17:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-24 17:16 - 2014-09-24 17:16 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-24 17:15 - 2014-09-24 17:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Maxi\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-23 21:07 - 2014-09-23 21:07 - 00020716 _____ () C:\ComboFix.txt
2014-09-23 21:07 - 2014-09-23 20:25 - 00000000 ____D () C:\Qoobox
2014-09-23 21:03 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-23 20:46 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-09-23 20:42 - 2014-09-23 20:25 - 00000000 ____D () C:\Windows\erdnt
2014-09-23 20:22 - 2014-09-23 20:22 - 05579290 ____R (Swearware) C:\Users\Maxi\Desktop\ComboFix.exe
2014-09-23 20:22 - 2013-07-10 17:03 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 20:22 - 2012-05-16 22:03 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 20:22 - 2011-09-03 17:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-23 18:01 - 2014-09-23 18:01 - 03129123 _____ () C:\Users\Maxi\Downloads\Anhänge_20140923.zip
2014-09-22 19:48 - 2014-09-22 19:47 - 00018221 _____ () C:\Users\Maxi\Downloads\FRST.txt
2014-09-22 17:48 - 2011-09-04 00:08 - 00699490 _____ () C:\Windows\system32\perfh007.dat
2014-09-22 17:48 - 2011-09-04 00:08 - 00149630 _____ () C:\Windows\system32\perfc007.dat
2014-09-22 17:48 - 2009-07-14 07:13 - 01620932 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-21 13:47 - 2014-09-21 13:46 - 01307544 _____ () C:\Windows\Minidump\092114-18267-01.dmp
2014-09-21 13:46 - 2014-08-29 17:05 - 402282750 _____ () C:\Windows\MEMORY.DMP
2014-09-21 13:46 - 2014-07-27 17:09 - 00000000 ____D () C:\Windows\Minidump
2014-09-21 12:47 - 2014-09-21 12:47 - 00001122 _____ () C:\Users\Maxi\Desktop\Amazon Music.lnk
2014-09-21 12:46 - 2014-09-21 12:45 - 39967720 _____ (Amazon) C:\Users\Maxi\Downloads\AmazonMusicInstaller.exe
2014-09-21 11:54 - 2014-08-08 10:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-20 11:00 - 2014-09-20 11:00 - 00262144 ____N () C:\Windows\Minidump\092014-41839-01.dmp
2014-09-20 10:49 - 2014-09-20 10:49 - 00001536 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-09-20 10:49 - 2014-09-20 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-20 10:49 - 2014-09-20 10:48 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-20 10:49 - 2011-09-29 22:04 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\DVDVideoSoft
2014-09-20 10:46 - 2014-09-20 10:46 - 30419936 _____ (DVDVideoSoft Ltd. ) C:\Users\Maxi\Downloads\FreeYouTubeToMP3Converter3.12.44.908.exe
2014-09-20 10:46 - 2014-09-20 10:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-17 18:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-17 16:31 - 2014-09-17 16:31 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-09-17 16:31 - 2014-09-17 16:31 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-09-17 16:17 - 2014-09-15 16:51 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-17 16:17 - 2012-02-13 16:43 - 00000000 ____D () C:\ProgramData\Avira
2014-09-17 16:07 - 2014-09-17 15:55 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\Bitdefender
2014-09-17 16:01 - 2014-09-17 16:01 - 00002126 _____ () C:\Users\Public\Desktop\Bitdefender Internet Security 2015.lnk
2014-09-17 16:01 - 2014-09-17 16:01 - 00000684 ____H () C:\bdr-cf01
2014-09-17 16:01 - 2014-09-17 16:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2014-09-17 16:01 - 2014-09-17 15:55 - 00253404 ____H () C:\bdr-ld01
2014-09-17 16:01 - 2014-09-17 15:55 - 00009216 ____H () C:\bdr-ld01.mbr
2014-09-17 16:01 - 2014-09-16 17:13 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-09-17 15:52 - 2014-09-16 17:14 - 00000000 ____D () C:\Program Files\Bitdefender
2014-09-17 15:52 - 2013-09-15 15:07 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-09-15 21:13 - 2012-08-17 09:45 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\Spotify
2014-09-15 21:05 - 2012-08-17 09:45 - 00000000 ____D () C:\Users\Maxi\AppData\Local\Spotify
2014-09-15 18:11 - 2014-09-15 18:11 - 00262144 ____N () C:\Windows\Minidump\091514-25443-01.dmp
2014-09-15 16:43 - 2014-09-15 16:39 - 149527616 _____ () C:\Users\Maxi\Downloads\avira_free_antivirus_de_14.0.6.570.exe
2014-09-14 14:30 - 2014-09-14 14:30 - 00000052 _____ () C:\Users\Maxi\Desktop\z .txt
2014-09-14 13:53 - 2014-09-14 13:53 - 00915646 _____ () C:\Users\Maxi\Downloads\Anschreibe
2014-09-14 12:15 - 2013-09-16 17:41 - 00000401 _____ () C:\Windows\system32\checkdnsid.xml
2014-09-12 22:07 - 2012-01-18 18:09 - 01594276 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-12 22:06 - 2013-08-15 22:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-12 22:00 - 2012-01-21 10:48 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-12 21:59 - 2014-05-06 22:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-05 04:10 - 2014-09-12 15:18 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-12 15:18 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-29 17:05 - 2014-08-29 17:05 - 00786120 _____ () C:\Windows\Minidump\082914-30139-01.dmp
2014-08-29 15:51 - 2011-10-28 14:41 - 00000000 ____D () C:\Users\Maxi\Documents\Flight Simulator X-Dateien
2014-08-28 19:32 - 2012-07-01 12:22 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\vlc
2014-08-28 19:13 - 2014-07-27 16:58 - 00342528 _____ () C:\Windows\system32\FNTCACHE.DAT

Some content of TEMP:
====================
C:\Users\Maxi\AppData\Local\Temp\Quarantine.exe
C:\Users\Maxi\AppData\Local\Temp\rtdrvmon.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-17 18:18

==================== End Of Log ============================

--- --- ---

--- --- ---

LG Maxi

schrauber · 25.09.2014, 08:55

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

maxwell0901 · 25.09.2014, 19:22

Hi,
anbei die verschiedenen txt.
log.txt (ESEt scan hat eeeeewig gebraucht)

Code:

ATTFilter

# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=48103d8ed102c2428a5b2effb2bae1fb
# engine=20295
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-25 05:36:06
# local_time=2014-09-25 07:36:06 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Bitdefender Antivirus'
# compatibility_mode=2066 16777213 100 100 14604 115515475 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 32518960 163296416 0 0
# scanned=463204
# found=16
# cleaned=0
# scan_time=14291
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Winload\ldrtbWinl.dll.vir"
sh=A2D929A9864513C0E8ED84AAD622EF6ADCC9B950 ft=1 fh=22c06217fc444ec5 vn="Win32/Toolbar.Conduit.O evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Winload\prxtbWinl.dll.vir"
sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Winload\tbWinl.dll.vir"
sh=E5AD99CE7C7362CA566156033ECB0F04F9437CA7 ft=1 fh=f45d83e01e1c8734 vn="Win32/Toolbar.Conduit.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Winload\WinloadToolbarHelper.exe.vir"
sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="Variante von Win32/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=DACCEF26229D06C78049B88C7BE2772EA347B8A2 ft=1 fh=fefb97b647b2f1e6 vn="Variante von Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maxi\AppData\LocalLow\Winload\hk64tbWin2.dll.vir"
sh=A473F1057D0844C61ED68047F97C6CD8B3F79F51 ft=1 fh=851ca62d1383db26 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maxi\AppData\LocalLow\Winload\hktbWin2.dll.vir"
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maxi\AppData\LocalLow\Winload\ldrtbWin0.dll.vir"
sh=28F30DCBC3836B85CF84C0445F20FDD74276105F ft=1 fh=a5122cc400caea7d vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maxi\AppData\LocalLow\Winload\ldrtbWin2.dll.vir"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maxi\AppData\LocalLow\Winload\ldrtbWinl.dll.vir"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maxi\AppData\LocalLow\Winload\tbWin0.dll.vir"
sh=74EDCD9720A9743DF258703EFAB1400762FAEFA3 ft=1 fh=4d56f1daf690e0d4 vn="Variante von Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maxi\AppData\LocalLow\Winload\tbWin1.dll.vir"
sh=4C716303AC281E9F6F92DBAA25DFCF342B2E8300 ft=1 fh=2ce425e33ba62b65 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maxi\AppData\LocalLow\Winload\tbWin2.dll.vir"
sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maxi\AppData\LocalLow\Winload\tbWinl.dll.vir"
sh=B5C93DA0C608B26C9487ABC49CCB643C9A15ED33 ft=1 fh=75f1c65aa8a331ed vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maxi\AppData\LocalLow\Winload\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll.vir"
sh=C0E28878041F7708BC82DD28153719E88A91C1BA ft=1 fh=0e746c2d3c3fdba6 vn="Variante von Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Maxi\Downloads\Fs-traffic.dll_Error_Repair-WinThruster.exe"

checkup.txt

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.87  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Bitdefender Antivirus   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 TuneUp Utilities 2014   
 TuneUp Utilities 2014 (de-DE)  
 TuneUp Utilities 2014   
 JavaFX 2.1.0    
 Java(TM) 6 Update 31  
 Java 7 Update 10  
 Java version out of Date! 
 Adobe Flash Player 15.0.0.152  
 Adobe Reader 10.1.8 Adobe Reader out of Date!  
 Mozilla Firefox (32.0.2) 
````````Process Check: objlist.exe by Laurent````````  
 Bitdefender Bitdefender 2015 vsserv.exe  
 Bitdefender Bitdefender 2015 updatesrv.exe  
 Bitdefender Bitdefender 2015 bdagent.exe  
 Bitdefender Bitdefender 2015 bdwtxag.exe  
 Bitdefender Bitdefender 2015 Antispam32 bdwtxapps.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

FRST.txt

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-09-2014 01
Ran by Maxi (administrator) on MAXI-PC on 25-09-2014 20:15:18
Running from C:\Users\Maxi\Desktop
Loaded Profile: Maxi (Available profiles: Maxi)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
( ) C:\Windows\System32\lxbkcoms.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmon.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Maxi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
() C:\Users\Maxi\AppData\Local\Amazon Music\Amazon Music Helper.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwtxapps.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [lxbkbmgr.exe] => C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe [74408 2008-02-28] (Lexmark International, Inc.)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1580360 2014-08-20] (Bitdefender)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2439072 2010-05-24] (VIA)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-02-07] (BlackBerry Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4493824 2014-05-07] (Research In Motion Limited)
HKU\S-1-5-21-3194724861-4292890466-1671743591-1000\...\Run: [Spotify Web Helper] => C:\Users\Maxi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-28] (Spotify Ltd)
HKU\S-1-5-21-3194724861-4292890466-1671743591-1000\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [815088 2014-08-14] (Bitdefender)
HKU\S-1-5-21-3194724861-4292890466-1671743591-1000\...\Run: [Amazon Music] => C:\Users\Maxi\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-06] ()
HKU\S-1-5-21-3194724861-4292890466-1671743591-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Maxi\AppData\Roaming\Mozilla\Firefox\Profiles\2gs3k6tl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.4.1 -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Maxi\AppData\Roaming\Mozilla\Firefox\Profiles\2gs3k6tl.default\Extensions\abs@avira.com [2014-09-15]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2014-09-17]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2014-09-17]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext

Chrome: 
=======
CHR HomePage: Default -> 
CHR Profile: C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-11]
CHR Extension: (Google Drive) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-11]
CHR Extension: (YouTube) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-11]
CHR Extension: (Google-Suche) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-11]
CHR Extension: (BB10 / PlayBook App Manager) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbaalodpmjjhpobkgljnelbpblnikkp [2014-05-26]
CHR Extension: (Google Wallet) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Google Mail) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [77632 2014-08-08] (Bitdefender)
S4 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited) [File not signed]
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [496232 2010-01-21] ()
S3 GSService; C:\Windows\SysWOW64\GSService.exe [490208 2013-06-17] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 lxbk_device; C:\Windows\system32\lxbkcoms.exe [565928 2008-02-19] ( )
R2 lxbk_device; C:\Windows\SysWOW64\lxbkcoms.exe [537256 2008-02-19] ( )
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [209000 2010-01-21] ()
S4 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-05-07] (Apple Inc.) [File not signed]
S4 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1324544 2014-05-07] (Research In Motion Limited) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-08-08] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1513952 2014-08-11] (Bitdefender)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1260120 2014-05-16] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-05-16] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-11-13] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
S3 DrmRAudio; C:\Windows\System32\drivers\DrmRAudio.sys [34528 2013-03-28] (Windows (R) Win 7 DDK provider)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-05-07] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 SaiH0C2D; C:\Windows\System32\DRIVERS\SaiH0C2D.sys [176128 2007-07-02] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [419616 2014-07-02] (BitDefender S.R.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-06-23] (TuneUp Software)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 WmaCAudio; C:\Windows\System32\drivers\WmaCAudio.sys [34528 2013-06-17] (Windows (R) Win 7 DDK provider)
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-25 20:15 - 2014-09-25 20:15 - 00015102 _____ () C:\Users\Maxi\Desktop\FRST.txt
2014-09-25 20:15 - 2014-09-25 20:15 - 00000000 ____D () C:\Users\Maxi\Desktop\FRST-OlderVersion
2014-09-25 20:14 - 2014-09-25 20:14 - 00001193 _____ () C:\Users\Maxi\Desktop\checkup.txt
2014-09-25 15:33 - 2014-09-25 15:33 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-24 18:29 - 2014-09-25 20:15 - 00000000 ____D () C:\Users\Maxi\Desktop\Scansachen
2014-09-24 18:23 - 2014-09-24 18:23 - 00262144 ____N () C:\Windows\Minidump\092414-17362-01.dmp
2014-09-24 18:10 - 2014-09-24 18:10 - 00000000 ____D () C:\Windows\ERUNT
2014-09-24 18:01 - 2014-09-24 18:04 - 00000000 ____D () C:\AdwCleaner
2014-09-24 18:00 - 2014-09-24 18:00 - 01373475 _____ () C:\Users\Maxi\Downloads\AdwCleaner_3.310.exe
2014-09-24 17:22 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 17:22 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-24 17:16 - 2014-09-24 17:17 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-24 17:16 - 2014-09-24 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-24 17:16 - 2014-09-24 17:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-24 17:16 - 2014-09-24 17:16 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-24 17:16 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-24 17:16 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-24 17:16 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-24 17:15 - 2014-09-24 17:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Maxi\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-23 21:07 - 2014-09-23 21:07 - 00020716 _____ () C:\ComboFix.txt
2014-09-23 20:26 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-23 20:26 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-23 20:26 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-23 20:26 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-23 20:26 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-23 20:26 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-23 20:26 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-23 20:26 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-23 20:25 - 2014-09-23 21:07 - 00000000 ____D () C:\Qoobox
2014-09-23 20:25 - 2014-09-23 20:42 - 00000000 ____D () C:\Windows\erdnt
2014-09-23 18:01 - 2014-09-23 18:01 - 03129123 _____ () C:\Users\Maxi\Downloads\Anhänge_20140923.zip
2014-09-22 19:47 - 2014-09-25 20:15 - 02108928 _____ (Farbar) C:\Users\Maxi\Desktop\FRST64.exe
2014-09-22 19:47 - 2014-09-25 20:15 - 00000000 ____D () C:\FRST
2014-09-22 19:47 - 2014-09-22 19:48 - 00018221 _____ () C:\Users\Maxi\Downloads\FRST.txt
2014-09-21 13:46 - 2014-09-21 13:47 - 01307544 _____ () C:\Windows\Minidump\092114-18267-01.dmp
2014-09-21 12:47 - 2014-09-21 12:47 - 00001122 _____ () C:\Users\Maxi\Desktop\Amazon Music.lnk
2014-09-21 12:45 - 2014-09-21 12:46 - 39967720 _____ (Amazon) C:\Users\Maxi\Downloads\AmazonMusicInstaller.exe
2014-09-20 11:00 - 2014-09-20 11:00 - 00262144 ____N () C:\Windows\Minidump\092014-41839-01.dmp
2014-09-20 10:49 - 2014-09-20 10:49 - 00001536 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-09-20 10:49 - 2014-09-20 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-20 10:48 - 2014-09-20 10:49 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-20 10:46 - 2014-09-20 10:46 - 30419936 _____ (DVDVideoSoft Ltd. ) C:\Users\Maxi\Downloads\FreeYouTubeToMP3Converter3.12.44.908.exe
2014-09-20 10:45 - 2014-09-20 10:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-17 16:31 - 2014-09-17 16:31 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-09-17 16:31 - 2014-09-17 16:31 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-09-17 16:01 - 2014-09-17 16:01 - 00002126 _____ () C:\Users\Public\Desktop\Bitdefender Internet Security 2015.lnk
2014-09-17 16:01 - 2014-09-17 16:01 - 00000684 ____H () C:\bdr-cf01
2014-09-17 16:01 - 2014-09-17 16:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2014-09-17 16:00 - 2014-05-16 13:04 - 00647752 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-09-17 16:00 - 2014-05-16 13:01 - 01260120 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-09-17 16:00 - 2013-11-13 15:41 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2014-09-17 16:00 - 2013-11-04 15:47 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2014-09-17 15:55 - 2014-09-17 16:07 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\Bitdefender
2014-09-17 15:55 - 2014-09-17 16:01 - 00253404 ____H () C:\bdr-ld01
2014-09-17 15:55 - 2014-09-17 16:01 - 00009216 ____H () C:\bdr-ld01.mbr
2014-09-17 15:55 - 2014-07-04 17:49 - 49563064 ____H () C:\bdr-im01.gz
2014-09-17 15:55 - 2013-08-13 13:38 - 03271472 ____H () C:\bdr-bz01
2014-09-17 15:52 - 2014-07-02 17:47 - 00419616 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-09-17 15:52 - 2013-08-23 13:48 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-09-16 17:23 - 2013-11-04 15:47 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2014-09-16 17:14 - 2014-09-17 15:52 - 00000000 ____D () C:\Program Files\Bitdefender
2014-09-16 17:13 - 2014-09-17 16:01 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-09-16 17:13 - 2013-11-04 15:47 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2014-09-16 17:13 - 2013-11-04 15:46 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2014-09-15 18:11 - 2014-09-15 18:11 - 00262144 ____N () C:\Windows\Minidump\091514-25443-01.dmp
2014-09-15 16:51 - 2014-09-17 16:17 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-15 16:39 - 2014-09-15 16:43 - 149527616 _____ () C:\Users\Maxi\Downloads\avira_free_antivirus_de_14.0.6.570.exe
2014-09-14 13:53 - 2014-09-14 13:53 - 00915646 _____ () C:\Users\Maxi\Downloads\Anschreibe
2014-09-12 22:09 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-12 22:09 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-12 22:09 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-12 22:09 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-12 22:09 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-12 22:09 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-12 22:09 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-12 22:09 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-12 22:09 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 22:09 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-12 22:09 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-12 22:09 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-12 22:08 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-12 22:08 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-12 22:08 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-12 22:08 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-12 22:08 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-12 22:08 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-12 22:08 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-12 22:08 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-12 22:08 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-12 22:08 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-12 22:08 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-12 22:08 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-12 22:08 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-12 22:08 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-12 22:08 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-12 22:08 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-12 22:08 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-12 22:08 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-12 22:08 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-12 22:08 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-12 22:08 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-12 22:08 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-12 22:08 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-12 22:08 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-12 22:08 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-12 22:08 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-12 22:08 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-12 22:08 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-12 22:08 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-12 22:08 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 22:08 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-12 22:08 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-12 22:08 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-12 22:08 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-12 22:08 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-12 22:08 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-12 22:08 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-12 22:08 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-12 22:08 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-12 22:08 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-12 22:08 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-12 22:08 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-12 22:08 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-12 22:08 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-12 21:59 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-12 21:59 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-12 15:19 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-12 15:19 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-12 15:18 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-12 15:18 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-12 15:18 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-12 15:18 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-12 15:18 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-12 15:18 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-12 15:18 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-12 15:18 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-12 15:18 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-08-29 17:05 - 2014-09-21 13:46 - 402282750 _____ () C:\Windows\MEMORY.DMP
2014-08-29 17:05 - 2014-08-29 17:05 - 00786120 _____ () C:\Windows\Minidump\082914-30139-01.dmp
2014-08-28 19:12 - 2014-09-24 18:05 - 00195346 _____ () C:\Windows\PFRO.log
2014-08-28 10:17 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 10:17 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 10:17 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-25 20:16 - 2014-09-25 20:15 - 00015102 _____ () C:\Users\Maxi\Desktop\FRST.txt
2014-09-25 20:15 - 2014-09-25 20:15 - 00000000 ____D () C:\Users\Maxi\Desktop\FRST-OlderVersion
2014-09-25 20:15 - 2014-09-24 18:29 - 00000000 ____D () C:\Users\Maxi\Desktop\Scansachen
2014-09-25 20:15 - 2014-09-22 19:47 - 02108928 _____ (Farbar) C:\Users\Maxi\Desktop\FRST64.exe
2014-09-25 20:15 - 2014-09-22 19:47 - 00000000 ____D () C:\FRST
2014-09-25 20:14 - 2014-09-25 20:14 - 00001193 _____ () C:\Users\Maxi\Desktop\checkup.txt
2014-09-25 20:00 - 2013-02-19 22:17 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce0ede2304e130.job
2014-09-25 20:00 - 2011-11-27 18:55 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-25 19:18 - 2013-07-10 17:03 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-25 17:51 - 2011-09-03 14:12 - 01379560 _____ () C:\Windows\WindowsUpdate.log
2014-09-25 15:34 - 2009-07-14 06:45 - 00030560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-25 15:34 - 2009-07-14 06:45 - 00030560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-25 15:33 - 2014-09-25 15:33 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-25 15:32 - 2011-09-04 00:08 - 00699490 _____ () C:\Windows\system32\perfh007.dat
2014-09-25 15:32 - 2011-09-04 00:08 - 00149630 _____ () C:\Windows\system32\perfc007.dat
2014-09-25 15:32 - 2009-07-14 07:13 - 01620932 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-25 15:27 - 2014-07-27 16:58 - 00003768 _____ () C:\Windows\setupact.log
2014-09-25 15:27 - 2011-11-08 21:53 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-25 15:27 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-24 18:23 - 2014-09-24 18:23 - 00262144 ____N () C:\Windows\Minidump\092414-17362-01.dmp
2014-09-24 18:23 - 2014-07-27 17:09 - 00000000 ____D () C:\Windows\Minidump
2014-09-24 18:10 - 2014-09-24 18:10 - 00000000 ____D () C:\Windows\ERUNT
2014-09-24 18:05 - 2014-08-28 19:12 - 00195346 _____ () C:\Windows\PFRO.log
2014-09-24 18:04 - 2014-09-24 18:01 - 00000000 ____D () C:\AdwCleaner
2014-09-24 18:04 - 2011-09-03 16:34 - 00000993 _____ () C:\Users\Maxi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-24 18:00 - 2014-09-24 18:00 - 01373475 _____ () C:\Users\Maxi\Downloads\AdwCleaner_3.310.exe
2014-09-24 17:17 - 2014-09-24 17:16 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-24 17:16 - 2014-09-24 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-24 17:16 - 2014-09-24 17:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-24 17:16 - 2014-09-24 17:16 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-24 17:15 - 2014-09-24 17:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Maxi\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-23 21:07 - 2014-09-23 21:07 - 00020716 _____ () C:\ComboFix.txt
2014-09-23 21:07 - 2014-09-23 20:25 - 00000000 ____D () C:\Qoobox
2014-09-23 21:03 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-23 20:46 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-09-23 20:42 - 2014-09-23 20:25 - 00000000 ____D () C:\Windows\erdnt
2014-09-23 20:22 - 2013-07-10 17:03 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 20:22 - 2012-05-16 22:03 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 20:22 - 2011-09-03 17:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-23 18:01 - 2014-09-23 18:01 - 03129123 _____ () C:\Users\Maxi\Downloads\Anhänge_20140923.zip
2014-09-22 19:48 - 2014-09-22 19:47 - 00018221 _____ () C:\Users\Maxi\Downloads\FRST.txt
2014-09-21 13:47 - 2014-09-21 13:46 - 01307544 _____ () C:\Windows\Minidump\092114-18267-01.dmp
2014-09-21 13:46 - 2014-08-29 17:05 - 402282750 _____ () C:\Windows\MEMORY.DMP
2014-09-21 12:47 - 2014-09-21 12:47 - 00001122 _____ () C:\Users\Maxi\Desktop\Amazon Music.lnk
2014-09-21 12:46 - 2014-09-21 12:45 - 39967720 _____ (Amazon) C:\Users\Maxi\Downloads\AmazonMusicInstaller.exe
2014-09-21 11:54 - 2014-08-08 10:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-20 11:00 - 2014-09-20 11:00 - 00262144 ____N () C:\Windows\Minidump\092014-41839-01.dmp
2014-09-20 10:49 - 2014-09-20 10:49 - 00001536 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-09-20 10:49 - 2014-09-20 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-20 10:49 - 2014-09-20 10:48 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-20 10:49 - 2011-09-29 22:04 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\DVDVideoSoft
2014-09-20 10:46 - 2014-09-20 10:46 - 30419936 _____ (DVDVideoSoft Ltd. ) C:\Users\Maxi\Downloads\FreeYouTubeToMP3Converter3.12.44.908.exe
2014-09-20 10:46 - 2014-09-20 10:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-17 18:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-17 16:31 - 2014-09-17 16:31 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-09-17 16:31 - 2014-09-17 16:31 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-09-17 16:17 - 2014-09-15 16:51 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-17 16:17 - 2012-02-13 16:43 - 00000000 ____D () C:\ProgramData\Avira
2014-09-17 16:07 - 2014-09-17 15:55 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\Bitdefender
2014-09-17 16:01 - 2014-09-17 16:01 - 00002126 _____ () C:\Users\Public\Desktop\Bitdefender Internet Security 2015.lnk
2014-09-17 16:01 - 2014-09-17 16:01 - 00000684 ____H () C:\bdr-cf01
2014-09-17 16:01 - 2014-09-17 16:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2014-09-17 16:01 - 2014-09-17 15:55 - 00253404 ____H () C:\bdr-ld01
2014-09-17 16:01 - 2014-09-17 15:55 - 00009216 ____H () C:\bdr-ld01.mbr
2014-09-17 16:01 - 2014-09-16 17:13 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-09-17 15:52 - 2014-09-16 17:14 - 00000000 ____D () C:\Program Files\Bitdefender
2014-09-17 15:52 - 2013-09-15 15:07 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-09-15 21:13 - 2012-08-17 09:45 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\Spotify
2014-09-15 21:05 - 2012-08-17 09:45 - 00000000 ____D () C:\Users\Maxi\AppData\Local\Spotify
2014-09-15 18:11 - 2014-09-15 18:11 - 00262144 ____N () C:\Windows\Minidump\091514-25443-01.dmp
2014-09-15 16:43 - 2014-09-15 16:39 - 149527616 _____ () C:\Users\Maxi\Downloads\avira_free_antivirus_de_14.0.6.570.exe
2014-09-14 13:53 - 2014-09-14 13:53 - 00915646 _____ () C:\Users\Maxi\Downloads\Anschreibe
2014-09-14 12:15 - 2013-09-16 17:41 - 00000401 _____ () C:\Windows\system32\checkdnsid.xml
2014-09-12 22:07 - 2012-01-18 18:09 - 01594276 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-12 22:06 - 2013-08-15 22:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-12 22:00 - 2012-01-21 10:48 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-12 21:59 - 2014-05-06 22:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 00:11 - 2014-09-24 17:22 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-09 23:47 - 2014-09-24 17:22 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-05 04:10 - 2014-09-12 15:18 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-12 15:18 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-29 17:05 - 2014-08-29 17:05 - 00786120 _____ () C:\Windows\Minidump\082914-30139-01.dmp
2014-08-29 15:51 - 2011-10-28 14:41 - 00000000 ____D () C:\Users\Maxi\Documents\Flight Simulator X-Dateien
2014-08-28 19:32 - 2012-07-01 12:22 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\vlc
2014-08-28 19:13 - 2014-07-27 16:58 - 00342528 _____ () C:\Windows\system32\FNTCACHE.DAT

Some content of TEMP:
====================
C:\Users\Maxi\AppData\Local\Temp\Quarantine.exe
C:\Users\Maxi\AppData\Local\Temp\rtdrvmon.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-17 18:18

==================== End Of Log ============================

--- --- ---

--- --- ---

Probleme habe ich fast gar nicht mehr gestern hat er sich beim Posten der logs mal aufgehängt aber er hängt kaum noch! Vielen Dank schonmal!!
Was ich nur nachwievor komisch finde, ist dass die Auslastung des Ram bei keinem geöffneten Programm schon bei 47% ist obwohl Taskmanager keine nenneswerten Prozesse anzeigt... Früher lag das bei 30%
LG Maxi

schrauber · 26.09.2014, 15:33

Java und Adobe updaten. RAM mal getestet?

maxwell0901 · 26.09.2014, 15:58

Ok, danke! Nein Ram habe ich noch nicht getestet, werde ich aber mal tun sobald ich Zeit habe

Pc läuft aber auf jeden Fall flüssiger, werde als Dankeschön etwas spenden!
LG Maxi

schrauber · 26.09.2014, 19:41

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

maxwell0901 · 27.09.2014, 20:23

Hallo,
Vielen Dank für die zahlreichen hilfreichen Infos ! werde, wenn ich Zeit habe, mich mal intensiver damit beschäftigen!
Pc läuft recht flüssig aktuell, hat sich auch nicht mehr aufgehängt

)
Hiermit habe ich keine Fragen mehr.
LG Maxi
:dankeschön:

schrauber · 28.09.2014, 13:29

Gern Geschehen

26.09.2014, 15:33	#10
schrauber /// the machine /// TB-Ausbilder	Virus auf dem Pc? Anfängliches Ruckeln wird zu Einfrieren des Pcs und sehr langsamer Geschwindigkeit! Java und Adobe updaten. RAM mal getestet? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

28.09.2014, 13:29	#14
schrauber /// the machine /// TB-Ausbilder	Virus auf dem Pc? Anfängliches Ruckeln wird zu Einfrieren des Pcs und sehr langsamer Geschwindigkeit! Gern Geschehen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Virus auf dem Pc? Anfängliches Ruckeln wird zu Einfrieren des Pcs und sehr langsamer Geschwindigkeit!

Plagegeister aller Art und deren Bekämpfung: Virus auf dem Pc? Anfängliches Ruckeln wird zu Einfrieren des Pcs und sehr langsamer Geschwindigkeit!