| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Unbekannter UploadWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
02.10.2014, 10:43
| #1 |
| |  Unbekannter Upload Hallo Leute, ich habe mir leider etwas eingefangen. Ich habe eine 16.000er DSL-Leitung, aber letztens fiel mir auf, dass ich zuwenig download habe, knapp die hälfte, manchmal noch weniger. Ich habe jetzt mit einem anderen Rechner meine Leitung geprüft, da läuft alles normal, also muss ich mir den Hauptrechner verseucht haben. Die gängigen Tools finden nichts, ich habe daher jetzt einen scan mit farbar recovery scan tool gemacht, logs hänge ich mit dran. Danke für eure Hilfe, ihr macht hier eine super Arbeit, ich verfolge das schon lange, aber jetzt brauche ich zum ersten Mal selber Hilfe. Schöne Grüße krampf FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-10-2014 01
Ran by Sebastian (administrator) on SEBASTIAN-PC on 02-10-2014 11:36:51
Running from C:\Users\Sebastian\Downloads
Loaded Profile: Sebastian (Available profiles: Sebastian)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Namtuk.com) C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
() C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(LG Electronics) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TODO: <Company name>) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64App.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\LG Electronics\Screen Split\bin\DDCCI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [374784 2014-01-09] (shbox.de)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-04] (Geek Software GmbH)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-08-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1666432 2014-09-22] (Simply Super Software)
HKLM-x32\...\RunOnce: [EasyTuneVI] => C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe [40960 2012-07-09] ()
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [ScreenSplitter] => C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe [695296 2013-07-24] (LG Electronics)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AEM] => C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe [1721128 2014-07-16] (Namtuk.com)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-23] (Google Inc.)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\RunOnce: [Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64"
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCC7BE164C723CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
Chrome:
=======
CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-06-29]
CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-29]
CHR Extension: (Google Search) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-29]
CHR Extension: (AdBlock) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-29]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2014-06-29]
CHR Extension: (Google Wallet) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-07]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2014-06-29]
CHR Extension: (Gmail) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-29]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AEM Service5; C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe [334848 2014-07-16] (Namtuk.com) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-08-12] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed]
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738344 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.2.0; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-03-18] (Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1385272 2013-08-08] (Motorola Solutions, Inc.)
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-04-29] (Echobit, LLC)
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-02] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-02-12] (REALiX(tm))
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [114632 2013-08-28] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw02.sys [3599840 2013-10-14] (Intel Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 cpuz136; \??\C:\Users\SEBAST~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 getbus; \??\C:\Users\SEBAST~1\AppData\Local\Temp\getbus.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-02 11:36 - 2014-10-02 11:37 - 00021497 _____ () C:\Users\Sebastian\Downloads\FRST.txt
2014-10-02 11:36 - 2014-10-02 11:36 - 00000000 ____D () C:\FRST
2014-10-02 11:35 - 2014-10-02 11:35 - 02108928 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe
2014-09-30 19:25 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 19:25 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-30 19:21 - 2014-10-02 11:31 - 00000004 _____ () C:\Windows\SysWOW64\GVTunner.ref
2014-09-28 13:58 - 2014-09-28 13:59 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\TrafficMonitor
2014-09-28 13:58 - 2014-09-28 13:58 - 00000000 ____D () C:\ProgramData\TrafficMonitor
2014-09-28 13:57 - 2014-09-28 13:57 - 03469477 _____ () C:\Users\Sebastian\Downloads\trafficmsw.zip
2014-09-27 22:04 - 2014-09-27 22:04 - 00540302 _____ () C:\Users\Sebastian\Downloads\SeaGiant.zip
2014-09-24 17:09 - 2014-09-24 17:10 - 00000000 ____D () C:\Users\Sebastian\Desktop\SmartCC
2014-09-24 17:09 - 2014-09-24 17:09 - 01027788 _____ () C:\Users\Sebastian\Downloads\sb-v3.7z
2014-09-24 08:44 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 08:44 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 21:18 - 2014-09-23 21:22 - 18656495 _____ () C:\Users\Sebastian\Downloads\nightly (1).zip
2014-09-23 20:17 - 2014-09-23 20:17 - 00000000 ____D () C:\Users\Sebastian\Downloads\Postversand
2014-09-23 20:16 - 2014-09-23 20:16 - 01644283 _____ () C:\Users\Sebastian\Downloads\Postversand.zip
2014-09-23 20:03 - 2014-09-23 20:40 - 00036864 _____ () C:\Users\Sebastian\Downloads\Airline Mailing Address.xls
2014-09-22 20:41 - 2014-09-22 20:41 - 02324917 _____ () C:\Users\Sebastian\Downloads\crashcrawlerv8.zip
2014-09-22 18:47 - 2014-10-01 20:53 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-22 18:47 - 2014-09-22 18:47 - 00000000 ____D () C:\ProgramData\Licenses
2014-09-22 18:44 - 2014-09-22 18:45 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-09-22 18:44 - 2014-09-22 18:44 - 00000000 ____D () C:\Users\Sebastian\Documents\Simply Super Software
2014-09-22 18:44 - 2014-09-22 18:44 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Simply Super Software
2014-09-22 18:44 - 2014-09-22 18:44 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-09-22 18:44 - 2014-09-22 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2014-09-22 18:43 - 2014-09-22 18:43 - 21407864 _____ (Simply Super Software ) C:\Users\Sebastian\Downloads\trjsetup690.exe
2014-09-22 15:04 - 2014-09-22 15:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-22 15:04 - 2014-09-22 15:04 - 00004698 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-22 15:04 - 2014-09-22 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-22 15:03 - 2014-09-22 15:03 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-22 15:03 - 2014-09-22 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-09-22 15:03 - 2014-09-22 15:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-22 15:03 - 2014-09-22 15:03 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-09-22 15:03 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-22 15:03 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-22 15:03 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-22 14:58 - 2014-09-22 14:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-22 14:02 - 2014-09-29 16:05 - 00000000 ____D () C:\Users\Sebastian\Desktop\HC 30
2014-09-22 14:02 - 2014-09-22 14:02 - 18656495 _____ () C:\Users\Sebastian\Downloads\nightly.zip
2014-09-20 12:32 - 2014-09-20 12:32 - 02320830 _____ () C:\Users\Sebastian\Downloads\CrashCrawlerV6.zip
2014-09-18 22:37 - 2014-09-18 22:37 - 00093734 _____ () C:\Users\Sebastian\Downloads\Compensation claim 1.jpeg
2014-09-18 22:37 - 2014-09-18 22:37 - 00082970 _____ () C:\Users\Sebastian\Downloads\Compensation claim 1 1.jpeg
2014-09-18 22:37 - 2014-09-18 22:37 - 00074757 _____ () C:\Users\Sebastian\Downloads\Compensation claim .jpeg
2014-09-18 22:29 - 2014-09-18 22:29 - 00082829 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris 2.jpeg
2014-09-18 22:29 - 2014-09-18 22:29 - 00075826 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris .jpeg
2014-09-18 22:28 - 2014-09-18 22:28 - 00096815 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris 1.jpeg
2014-09-18 01:04 - 2014-09-18 01:04 - 00002613 _____ () C:\Users\Sebastian\Downloads\BR.ALT-Robin.Schulz.and.Alligatoah-Willst.Du-WEB-DE-2014-VOiCE.torrent
2014-09-14 23:19 - 2014-09-14 23:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-09-14 23:18 - 2014-09-14 23:19 - 06057862 _____ (Tim Kosse) C:\Users\Sebastian\Downloads\FileZilla_3.9.0.5_win32-setup.exe
2014-09-13 21:16 - 2014-09-13 21:16 - 00763575 _____ () C:\Users\Sebastian\Downloads\ArenaValue.1.0.5.0.zip
2014-09-13 13:50 - 2014-10-02 11:30 - 00012166 _____ () C:\Windows\PFRO.log
2014-09-12 19:47 - 2014-09-25 19:17 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-12 19:47 - 2014-09-12 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-12 19:40 - 2014-09-12 19:40 - 00000000 ____D () C:\ProgramData\ATI
2014-09-12 19:39 - 2014-09-12 19:39 - 00067608 _____ () C:\Windows\SysWOW64\CCCInstall_201409121939038099.log
2014-09-12 19:39 - 2014-09-12 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2014-09-12 19:39 - 2014-09-12 19:39 - 00000000 ____D () C:\Program Files\AMD Quick Stream
2014-09-12 19:39 - 2014-09-12 19:39 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-09-12 19:38 - 2014-09-12 19:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-09-12 19:38 - 2014-02-16 18:23 - 00060640 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys
2014-09-12 19:37 - 2014-09-12 19:38 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-09-12 19:28 - 2014-10-02 11:30 - 00002567 _____ () C:\Windows\setupact.log
2014-09-12 19:28 - 2014-09-12 19:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-12 19:07 - 2014-09-12 19:13 - 283056096 _____ (AMD Inc.) C:\Users\Sebastian\Downloads\amd-catalyst-desktop-apus-win8.1-win7-64bit.exe
2014-09-12 19:06 - 2014-09-12 19:06 - 00891224 _____ (AMD) C:\Users\Sebastian\Downloads\amddriverdownloader (1).exe
2014-09-12 19:04 - 2014-09-12 19:04 - 00002780 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-09-12 19:04 - 2014-09-12 19:04 - 00000832 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-12 19:04 - 2014-09-12 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-12 19:04 - 2014-09-12 19:04 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-12 18:59 - 2014-09-12 18:59 - 00060572 _____ () C:\Windows\SysWOW64\CCCInstall_201409121859531251.log
2014-09-12 18:56 - 2014-09-12 18:57 - 03826912 _____ (Piriform Ltd) C:\Users\Sebastian\Downloads\ccsetup417_slim.exe
2014-09-11 00:43 - 2014-09-11 00:43 - 02524469 _____ () C:\Users\Sebastian\Downloads\reund.html
2014-09-10 23:28 - 2014-09-10 23:28 - 00009891 _____ () C:\Users\Sebastian\Downloads\BR.ALT-Stromberg.Der.Film.German.720p.BluRay.x264-EXQUiSiTE.torrent
2014-09-10 22:42 - 2014-09-07 17:57 - 00022990 _____ () C:\Users\Sebastian\Documents\SEPA%2003.09.2014.xlsx_0.ods
2014-09-10 20:50 - 2014-09-10 20:50 - 00061410 _____ () C:\Users\Sebastian\Downloads\BR.ALT-Under.the.Dome.S01.COMPLETE.GERMAN.DUBBED.WebHDRiP.XviD-SOF.torrent
2014-09-10 20:49 - 2014-09-10 20:49 - 00053292 _____ () C:\Users\Sebastian\Downloads\BR.ALT-Homeland.S03.COMPLETE.GERMAN.DUBBED.WebHDRiP.x264-SOF.torrent
2014-09-10 03:04 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 03:04 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 03:04 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 03:04 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 03:04 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 03:04 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 03:04 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 03:04 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 03:04 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 03:04 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 03:04 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 03:04 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 03:04 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 03:04 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 03:04 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 03:04 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 03:04 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 03:04 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 03:04 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 03:04 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 03:04 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 03:04 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 03:04 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 03:04 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 03:04 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 03:04 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 03:04 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 03:04 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 03:04 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 03:04 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 03:04 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 03:04 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 03:04 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 03:04 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 03:04 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 03:04 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 03:04 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 03:04 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 03:04 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 03:04 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 03:04 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 03:04 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 03:04 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 03:04 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 03:04 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 03:04 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 03:04 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 03:04 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 03:04 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 03:04 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 03:04 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 03:04 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 03:04 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 03:04 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 03:04 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 03:03 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 03:00 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 03:00 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 00:57 - 2014-09-10 00:57 - 00881127 _____ () C:\Users\Sebastian\Downloads\DragonCC4.2.rar
2014-09-09 21:42 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-09 21:42 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-09 21:41 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-09 21:41 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-09 21:40 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-09 21:40 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-09 21:40 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-09 21:40 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-09 21:40 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-09 21:40 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-09 21:40 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-07 13:30 - 2014-09-07 13:30 - 00898243 _____ () C:\Users\Sebastian\Downloads\DragonCC3-4.rar
2014-09-07 13:24 - 2014-09-07 13:24 - 00890795 _____ () C:\Users\Sebastian\Downloads\DragonCC4 (1).rar
2014-09-07 13:22 - 2014-09-20 12:38 - 00000000 ____D () C:\Users\Sebastian\Desktop\HC
2014-09-06 12:06 - 2014-09-06 12:06 - 00890795 _____ () C:\Users\Sebastian\Downloads\DragonCC4.rar
2014-09-05 21:41 - 2014-09-05 21:41 - 00076689 _____ () C:\Users\Sebastian\Downloads\Leverage-Staffel05-Folge13-15@www.torrent.to.torrent
2014-09-02 19:25 - 2014-09-02 19:25 - 00000237 _____ () C:\Users\Sebastian\Downloads\PayPal 01.09.2014.csv
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-02 11:35 - 2011-04-12 09:43 - 00701996 _____ () C:\Windows\system32\perfh007.dat
2014-10-02 11:35 - 2011-04-12 09:43 - 00150662 _____ () C:\Windows\system32\perfc007.dat
2014-10-02 11:35 - 2009-07-14 07:13 - 01628294 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-02 11:34 - 2014-02-07 07:26 - 01942614 _____ () C:\Windows\WindowsUpdate.log
2014-10-02 11:31 - 2014-02-22 13:05 - 00000000 ____D () C:\ProgramData\VMware
2014-10-02 11:31 - 2014-02-12 21:34 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2014-10-02 11:31 - 2014-02-12 21:34 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys
2014-10-02 11:31 - 2014-02-07 02:23 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-10-02 11:30 - 2014-07-30 22:45 - 00005310 _____ () C:\Windows\system32\debug.log
2014-10-02 11:30 - 2014-02-07 07:42 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-02 11:30 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-02 02:14 - 2014-07-20 16:22 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-10-02 02:14 - 2014-02-07 07:42 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-02 01:42 - 2014-04-29 17:58 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-02 01:41 - 2014-03-19 23:02 - 00000000 ____D () C:\Users\Sebastian\Desktop\Rechnungen refund.me
2014-10-02 01:00 - 2014-02-12 20:44 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\PMB Files
2014-10-02 01:00 - 2014-02-12 20:44 - 00000000 ____D () C:\ProgramData\PMB Files
2014-10-02 00:33 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-02 00:33 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-02 00:21 - 2014-02-07 01:37 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Battle.net
2014-10-02 00:01 - 2014-02-11 21:43 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Skype
2014-10-01 00:56 - 2014-02-07 18:56 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-09-30 22:54 - 2014-02-07 18:22 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\netz
2014-09-30 01:55 - 2014-02-08 11:14 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\uTorrent
2014-09-28 01:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-25 19:06 - 2014-06-13 19:59 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-24 16:42 - 2014-04-29 17:58 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 16:42 - 2014-04-29 17:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 16:42 - 2014-04-29 17:58 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 09:56 - 2014-02-07 19:00 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-09-23 02:59 - 2014-05-16 00:29 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-09-23 02:59 - 2014-03-05 23:29 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\HpUpdate
2014-09-23 02:59 - 2014-02-22 02:30 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-09-22 18:20 - 2014-08-30 12:43 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest (1)
2014-09-22 18:20 - 2014-08-08 16:25 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest
2014-09-22 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2014-09-22 15:05 - 2014-05-15 12:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-22 15:04 - 2014-05-15 12:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-22 13:56 - 2014-02-18 21:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-22 08:42 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-21 18:36 - 2014-02-08 13:34 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\vlc
2014-09-16 21:25 - 2014-08-30 01:06 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\FileZilla
2014-09-16 02:03 - 2014-06-14 19:30 - 00001112 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-16 02:03 - 2014-06-14 19:30 - 00001100 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-09-14 23:19 - 2014-08-30 01:05 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-09-12 19:47 - 2014-02-07 07:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-12 19:46 - 2014-08-05 19:12 - 00001147 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-12 19:46 - 2014-02-07 07:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-12 19:46 - 2014-02-07 07:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-12 19:46 - 2014-02-07 07:42 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-12 19:39 - 2014-02-07 07:39 - 00000000 ____D () C:\ProgramData\AMD
2014-09-12 19:39 - 2014-02-07 07:39 - 00000000 ____D () C:\Program Files\AMD
2014-09-12 19:39 - 2014-02-07 07:39 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-09-12 19:39 - 2014-02-07 07:37 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-09-12 19:26 - 2014-05-17 00:21 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-09-12 19:26 - 2014-02-24 21:06 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\TeamViewer
2014-09-12 19:26 - 2014-02-07 07:22 - 00000000 ____D () C:\Windows\Panther
2014-09-10 22:56 - 2014-06-09 23:05 - 00000000 ____D () C:\s3 refund.me
2014-09-10 03:03 - 2014-04-03 03:00 - 00002155 _____ () C:\Windows\epplauncher.mif
2014-09-10 03:03 - 2014-02-23 12:40 - 00002127 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-10 03:03 - 2014-02-07 07:33 - 01601638 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-10 03:02 - 2014-02-23 12:40 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-10 03:02 - 2014-02-23 12:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-10 03:02 - 2014-02-07 02:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 03:00 - 2014-04-30 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 03:00 - 2014-02-07 02:14 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Some content of TEMP:
====================
C:\Users\Sebastian\AppData\Local\Temp\avgnt.exe
C:\Users\Sebastian\AppData\Local\Temp\e45ear24.dll
C:\Users\Sebastian\AppData\Local\Temp\hrprfl_10436.dll
C:\Users\Sebastian\AppData\Local\Temp\hrprfl_12339.dll
C:\Users\Sebastian\AppData\Local\Temp\hrprfl_1645.dll
C:\Users\Sebastian\AppData\Local\Temp\hrprfl_2530.dll
C:\Users\Sebastian\AppData\Local\Temp\hrprfl_26929.dll
C:\Users\Sebastian\AppData\Local\Temp\hrprfl_28586.dll
C:\Users\Sebastian\AppData\Local\Temp\hrprfl_3680.dll
C:\Users\Sebastian\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-28 01:49
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-10-2014 01
Ran by Sebastian at 2014-10-02 11:37:23
Running from C:\Users\Sebastian\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.33 - GIGABYTE)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.33870 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.30.100.40812 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0812.1103.17905 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{1113B31C-097E-644C-7242-829DFC0CED38}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0812.1103.17905 - Ihr Firmenname) Hidden
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.10.0.0 - AppEx Networks)
AMD Steady Video Plug-In (Version: 2.07.0000 - AMD) Hidden
AMD USB 3.0 Device Detector (Version: 2.1.29.0 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Automatic Email Manager 5.15 (HKLM\...\{60C042B5-EB83-44A1-A522-3D1BDC901E80}) (Version: 5.15 - Namtuk)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0812.1103.17905 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0812.1103.17905 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0812.1103.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0812.1103.17905 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CloudBerry Explorer for Amazon S3 3.8.7 (HKLM\...\CloudBerry Explorer for Amazon S3) (Version: 3.8.7 - CloudBerryLab)
CodeTwo QR Code Desktop Reader (HKLM-x32\...\{8E03824D-0FCC-4AAE-BBE3-3B544BE3876F}) (Version: 1.0.0 - CodeTwo)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Easy Tune 6 B13.1111.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B13.1111.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Elevated Installer (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Garmin Express (HKLM-x32\...\{b43ffffb-1adc-4bcb-b277-7844ebff94da}) (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Cloud Print-Drucker (HKLM-x32\...\{74AA24E0-AC50-4B28-BA46-9CF05467C9B7}) (Version: 28.0.1489.0 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HearthstoneTracker (HKLM-x32\...\HearthstoneTracker) (Version: 1.2.9.2071 - HearthstoneTracker.com)
HP LaserJet 400 M401 (HKLM-x32\...\{8989F6D9-550C-4178-A8CB-75B82A06621F}) (Version: 5.0.13198.1083 - Hewlett-Packard)
HP LaserJet 400 M401 HP Device Toolbox (x32 Version: 29.0.109.0 - Hewlett-Packard Co.) Hidden
HP Product FWUpdater (x32 Version: 4.0.0.7242 - Hewlett-Packard Company) Hidden
HP Unified IO (Version: 2.0.0.404 - HP) Hidden
HP Unified IO (x32 Version: 2.0.0.404 - HP) Hidden
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM401DSService (x32 Version: 001.001.05874 - Hewlett-Packard) Hidden
HPDXP (x32 Version: 3.0.26.1 - HP) Hidden
HPLaserJet400-M401_HelpLearnCenter_SI (HKLM-x32\...\{4989DD05-86FB-4CA2-96C5-923DFAD89DA3}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJDXPHelper (x32 Version: 020.021.004 - HP) Hidden
HPLJUTCore (x32 Version: 004.005.0001 - HP) Hidden
HPLJUTM401 (x32 Version: 3.00.0003 - HP) Hidden
hppLaserJetService (x32 Version: 009.027.00856 - Hewlett-Packard) Hidden
hppM401LaserJetService (x32 Version: 001.019.00639 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 050.037.00142 - Hewlett Packard) Hidden
hpStatusAlertsM401 (x32 Version: 050.034.00131 - Hewlett-Packard) Hidden
HWiNFO64 Version 4.32 (HKLM\...\HWiNFO64_is1) (Version: 4.32 - Martin Malík - REALiX)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1335.3) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0366 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 10.4.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.0 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LJDXPHelperUI (x32 Version: 020.021.004 - HP) Hidden
Macro Recorder 5.7.4 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.7.4 - Jitbit Software)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.145.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.145.0 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 Create Module (HKLM-x32\...\{797A6AD2-06D5-484B-81FE-25895A56B1F2}) (Version: 2.0.6.16537 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{46889070-D447-4936-A5D3-246DB972FA2E}) (Version: 2.0.6.16537 - pdfforge GmbH)
PDF24 Creator 6.5.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7037 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Screen Split (HKLM-x32\...\{7F0C2357-33B0-4408-A9AD-A7623FAA22B1}) (Version: 6.23 - LG Electronics Inc.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
tools-windows (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Trojan Remover 6.9.1.2931 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1.2931 - Simply Super Software)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.221 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.1 - VMware, Inc)
VMware Player (Version: 6.0.1 - VMware, Inc.) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3995683688-22251476-601076843-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3995683688-22251476-601076843-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3995683688-22251476-601076843-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3995683688-22251476-601076843-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3995683688-22251476-601076843-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
25-09-2014 00:48:07 Windows Update
29-09-2014 23:17:52 Windows Update
30-09-2014 23:23:26 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0305B390-003B-4DAC-8DC9-F62EC812A8DE} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
Task: {386CFDDB-2326-47CD-A4FE-C46554050D10} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-12-18] (TuneUp Software)
Task: {3FEFA80E-4019-4642-A935-E559D362C63E} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {50AD10A4-D6AC-4F3B-A8BF-C66E22F660EB} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-09-04] (Microsoft Corporation)
Task: {6DBD98FF-1347-4642-9925-C1AFE117B805} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {6FDA6E34-03C5-4AED-BDAB-6001669799CA} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {751607E3-9066-486E-99D7-0F9720E73FE8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation)
Task: {7B8873EB-A73C-4B23-A7B5-234DEA64649A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-09-04] (Microsoft Corporation)
Task: {7D1E9BC1-CCE9-450C-AC38-1912D1754AE6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {8316B68D-B23B-452B-9FBF-3BBA09C2CF13} - System32\Tasks\{6127E29C-7967-4AC2-B92E-17C42D62C9EA} => C:\Program Files (x86)\GIGABYTE\ET6\ET6SC.exe [2012-07-09] ()
Task: {9BD48AB0-69C4-4F3A-853A-B21596B82F40} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-07] (Google Inc.)
Task: {AF3356D5-119A-46B0-A6D8-01C967DF13F8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-07] (Google Inc.)
Task: {EB2A5FFC-20D3-4FB3-8B49-48DBF9F69218} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2012-06-15] (Hewlett Packard)
Task: {F8D5E86C-E5F1-43F8-A269-43E99281420F} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-08-07] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-02-08 14:32 - 2013-06-12 16:54 - 00066048 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64.dll
2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-08-06 17:10 - 2012-10-12 12:02 - 00440320 ____N () C:\Program Files (x86)\Namtuk\Automatic Email Manager\SharpCompress.dll
2014-08-12 11:06 - 2014-08-12 11:06 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-08-12 11:05 - 2014-08-12 11:05 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-06-13 19:59 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-12-18 11:01 - 2013-12-18 11:01 - 00742200 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2012-01-13 15:04 - 2012-01-13 15:04 - 00219760 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
2014-02-08 14:32 - 2013-06-26 11:56 - 00241664 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\DDCCI.exe
2014-08-12 11:06 - 2014-08-12 11:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2013-10-18 13:46 - 2013-10-18 13:46 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2014-02-08 14:32 - 2013-06-12 16:54 - 00063488 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook.dll
2013-11-11 19:56 - 2013-11-11 19:56 - 02887747 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll
2013-11-05 12:07 - 2013-11-05 12:07 - 00651327 _____ () C:\Program Files (x86)\GIGABYTE\ET6\work.dll
2013-09-13 16:26 - 2013-09-13 16:26 - 01331266 _____ () C:\Program Files (x86)\GIGABYTE\ET6\SF.dll
2008-05-07 16:22 - 2008-05-07 16:22 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll
2012-05-08 16:01 - 2012-05-08 16:01 - 00069632 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GPTT.dll
2012-11-27 16:03 - 2012-11-27 16:03 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll
2010-06-24 16:50 - 2010-06-24 16:50 - 00094208 _____ () C:\Program Files (x86)\GIGABYTE\ET6\IccLibDll.dll
2011-03-01 20:00 - 2011-03-01 20:00 - 00126976 _____ () C:\Program Files (x86)\GIGABYTE\ET6\StabilityLib.dll
2011-10-18 10:26 - 2011-10-18 10:26 - 00024576 _____ () C:\Program Files (x86)\GIGABYTE\ET6\STT.dll
2013-11-05 14:12 - 2013-11-05 14:12 - 01499200 _____ () C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll
2013-11-06 18:59 - 2013-11-06 18:59 - 01335358 _____ () C:\Program Files (x86)\GIGABYTE\ET6\HM.dll
2013-03-23 11:59 - 2013-03-23 11:59 - 01433674 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll
2003-02-14 15:11 - 2003-02-14 15:11 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll
2013-11-01 11:29 - 2013-11-01 11:29 - 01318984 _____ () C:\Program Files (x86)\GIGABYTE\ET6\AMD8.dll
2013-05-24 01:50 - 2013-05-24 01:50 - 03860520 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Platform.dll
2013-05-24 01:50 - 2013-05-24 01:50 - 00579616 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Device.dll
2013-09-12 12:50 - 2013-09-12 12:50 - 00311296 _____ () C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.DLL
2014-02-08 14:32 - 2013-04-24 18:47 - 00004608 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\GerRes.dll
2014-09-06 18:44 - 2014-09-06 18:44 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-08-05 19:12 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Sebastian\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-09-25 19:16 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 19:16 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 19:16 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 19:17 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 19:16 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-3995683688-22251476-601076843-500 - Administrator - Disabled)
Gast (S-1-5-21-3995683688-22251476-601076843-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3995683688-22251476-601076843-1006 - Limited - Enabled)
Sebastian (S-1-5-21-3995683688-22251476-601076843-1000 - Administrator - Enabled) => C:\Users\Sebastian
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/02/2014 11:32:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/02/2014 00:28:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/01/2014 08:56:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/01/2014 04:55:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/30/2014 07:22:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/29/2014 01:39:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GUI.exe, Version: 1.0.0.1, Zeitstempel: 0x4f0fc8d2
Name des fehlerhaften Moduls: Normal.dll, Version: 1.0.0.1, Zeitstempel: 0x5280b7f4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0009ca66
ID des fehlerhaften Prozesses: 0x117c
Startzeit der fehlerhaften Anwendung: 0xGUI.exe0
Pfad der fehlerhaften Anwendung: GUI.exe1
Pfad des fehlerhaften Moduls: GUI.exe2
Berichtskennung: GUI.exe3
Error: (09/29/2014 01:08:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/28/2014 02:07:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/28/2014 10:55:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GUI.exe, Version: 1.0.0.1, Zeitstempel: 0x4f0fc8d2
Name des fehlerhaften Moduls: Normal.dll, Version: 1.0.0.1, Zeitstempel: 0x5280b7f4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0009ca66
ID des fehlerhaften Prozesses: 0x111c
Startzeit der fehlerhaften Anwendung: 0xGUI.exe0
Pfad der fehlerhaften Anwendung: GUI.exe1
Pfad des fehlerhaften Moduls: GUI.exe2
Berichtskennung: GUI.exe3
Error: (09/27/2014 10:17:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (10/02/2014 11:31:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/02/2014 11:31:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht.
Error: (10/02/2014 00:26:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/02/2014 00:26:36 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht.
Error: (10/02/2014 00:25:14 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (10/01/2014 08:55:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/01/2014 08:55:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht.
Error: (10/01/2014 04:53:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/01/2014 04:53:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht.
Error: (09/30/2014 07:20:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (10/02/2014 11:32:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/02/2014 00:28:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/01/2014 08:56:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/01/2014 04:55:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/30/2014 07:22:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/29/2014 01:39:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GUI.exe1.0.0.14f0fc8d2Normal.dll1.0.0.15280b7f4c00000050009ca66117c01cfdb70db4da4c7C:\Program Files (x86)\GIGABYTE\ET6\GUI.exeC:\Program Files (x86)\GIGABYTE\ET6\Normal.dll4c8b5502-47cd-11e4-9ab0-0c8bfd4e765d
Error: (09/29/2014 01:08:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/28/2014 02:07:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/28/2014 10:55:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: GUI.exe1.0.0.14f0fc8d2Normal.dll1.0.0.15280b7f4c00000050009ca66111c01cfda8fe613d8ccC:\Program Files (x86)\GIGABYTE\ET6\GUI.exeC:\Program Files (x86)\GIGABYTE\ET6\Normal.dll24b1ad32-46ed-11e4-af24-0c8bfd4e765d
Error: (09/27/2014 10:17:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2014-09-22 18:48:49.903
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-22 18:48:49.862
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-22 18:48:49.819
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-22 18:48:49.777
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-22 18:48:49.047
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-22 18:48:49.005
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-22 18:48:48.962
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-22 18:48:48.920
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-22 18:48:48.246
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-22 18:48:48.204
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: AMD A10-6800K APU with Radeon(tm) HD Graphics
Percentage of memory in use: 32%
Total physical RAM: 7367.6 MB
Available physical RAM: 4989.88 MB
Total Pagefile: 14733.38 MB
Available Pagefile: 11724.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (SSD 120 GB) (Fixed) (Total:111.69 GB) (Free:32.57 GB) NTFS
Drive e: (WD Red 4 TB) (Fixed) (Total:3725.9 GB) (Free:2367.78 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: FA67A521)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 3726 GB) (Disk ID: 8A9D30C7)
Partition: GPT Partition Type.
==================== End Of Log ============================
Geändert von krampf (02.10.2014 um 11:16 Uhr) |
Baum-Darstellung