Pests of all kinds and how to fight them: Is this a virus? Windows 7
15.10.2014, 00:22 | #1 |
| Is this a virus? Hello, since yesterday my mouse keeps starting to click on its own (mostly right-clicks). Since I have a laptop, I can't just unplug the 'mouse'. I have already restarted my laptop 20 times and also run a few antivirus programs over it, but nothing was found. Sometimes the clicking is less and sometimes so extreme that I can't do anything at all and my laptop then crashes. Can someone tell me what this is and what I can do about it? :/ |
15.10.2014, 06:35 | #2 |
/// the machine /// TB-Ausbilder | Is this a virus? hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
15.10.2014, 10:17 | #3 |
| Is this a virus? FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-10-2014
Ran by PC (administrator) on PC-PC on 15-10-2014 11:00:52
Running from C:\Users\PC\Desktop
Loaded Profile: PC (Available profiles: PC & Test)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1861416 2009-10-09] (Synaptics Incorporated)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [157544 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [35176 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [188264 2009-07-30] (FUJITSU LIMITED)
HKLM\...\Run: [PfNet] => C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe [6310912 2010-06-23] (FUJITSU LIMITED)
HKLM\...\Run: [FDM7] => C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED)
HKLM\...\Run: [ConMgr] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe [535440 2009-12-24] (CSR, plc)
HKLM\...\Run: [CSRBIP] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRBipPushResponder.exe [419752 2009-12-24] (CSR, plc)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED)
HKLM-x32\...\Run: [LoadFUJ02E3] => C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-10-08] (FUJITSU LIMITED)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2640408 2014-08-29] ()
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Mobile Connection Manager] => C:\Program Files (x86)\o2\Mobile Connection Manager\emmsn.exe [3779960 2010-11-11] (Telefónica I+D)
HKLM-x32\...\Run: [RazerGameBooster] => C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe [61152 2014-02-25] (Razer Inc.)
HKLM-x32\...\Run: [fst_de_162] => [X]
HKLM-x32\...\Run: [WTClient] => C:\Windows\SysWOW64\WTClient.exe [32768 2009-08-19] (Tablet Driver)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-10-15] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-2679388482-3162788823-1320574773-1000\...\Run: [Akamai NetSession Interface] => C:\Users\PC\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2679388482-3162788823-1320574773-1000\...\Run: [Google Update] => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-12-26] (Google Inc.)
HKU\S-1-5-21-2679388482-3162788823-1320574773-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-2679388482-3162788823-1320574773-1000\...\MountPoints2: E - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2679388482-3162788823-1320574773-1000\...\MountPoints2: F - F:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2679388482-3162788823-1320574773-1000\...\MountPoints2: {3fa937d0-2d7a-11e1-b284-e0ca94590b8d} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2679388482-3162788823-1320574773-1000\...\MountPoints2: {894d14ea-2d7f-11e1-81f5-e0ca94590b8d} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2679388482-3162788823-1320574773-1000\...\MountPoints2: {894d1519-2d7f-11e1-81f5-e0ca94590b8d} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2679388482-3162788823-1320574773-1000\...\MountPoints2: {90545351-3443-11e4-a93a-e0ca94590b8d} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2679388482-3162788823-1320574773-1000\...\MountPoints2: {be62cbb5-ca43-11e3-b8cf-001e101f2c0e} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2679388482-3162788823-1320574773-1000\...\MountPoints2: {be62cbe0-ca43-11e3-b8cf-001e101f2c0e} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2679388482-3162788823-1320574773-1000\...\MountPoints2: {f6090e28-33e7-11e1-bcd8-e0ca94590b8d} - E:\setup_vmb_lite.exe /checkApplicationPresence
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1D07D46795C1CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1386293017&from=vit&uid=TOSHIBAXMK5076GSX_X1PCC1B1TXXX1PCC1B1T&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=TOSHIBAXMK5076GSX_X1PCC1B1TXXX1PCC1B1T&ts=1393420341
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dvd_14_15_ff&cd=2XzuyEtN2Y1L1Qzu0EyE0DyDtA0DtDzytAzyyE0CyBtB0CtAtN0D0Tzu0SzztAtCtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0DyEyEtB0F0A0DtGyDtD0ByEtG0D0Dzz0BtGyE0Ezy0DtGyD0F0DtC0FyEtC0ByEtA0BtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0C0ByDyBzz0B0EtGyD0Fzz0BtGtCyB0E0BtG0FyCtDzytGtCzy0DyEtByCzy0CtDtA0E0B2Q&cr=553504565&ir=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.aartemis.com/web/?type=ds&ts=1386293017&from=vit&uid=TOSHIBAXMK5076GSX_X1PCC1B1TXXX1PCC1B1T&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1386293017&from=vit&uid=TOSHIBAXMK5076GSX_X1PCC1B1TXXX1PCC1B1T&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dvd_14_15_ff&cd=2XzuyEtN2Y1L1Qzu0EyE0DyDtA0DtDzytAzyyE0CyBtB0CtAtN0D0Tzu0SzztAtCtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0DyEyEtB0F0A0DtGyDtD0ByEtG0D0Dzz0BtGyE0Ezy0DtGyD0F0DtC0FyEtC0ByEtA0BtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0C0ByDyBzz0B0EtGyD0Fzz0BtGtCyB0E0BtG0FyCtDzytGtCzy0DyEtByCzy0CtDtA0E0B2Q&cr=553504565&ir=
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1386293017&from=vit&uid=TOSHIBAXMK5076GSX_X1PCC1B1TXXX1PCC1B1T&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880JXKe86_GbHG1dd3_ZUO-n2VpFb_9qmINzZX_9_82Dr_lRw2moJdZI8lr3pFT6Dr86CkJR2ECRMVQZIYVNk8Gv06-rtYZEdVb3o7asFqgXCil-zmlylx9MjSsRuJWudA96Ip4vPXJgMeRQXJUd7Urz_70q6i_8gOt4JWS4IAw,,&q={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880JXKe86_GbHG1dd3_ZUO-n2VpFb_9qmINzZX_9_82Dr_lRw2moJdZI8lr3pFT6Dr86CkJR2ECRMVQZIYVNk8Gv06-rtYZEdVb3o7asFqgXCil-zmlylx9MjSsRuJWudA96Ip4vPXJgMeRQXJUd8LK2c5qEVgBB3jcE8lfQ0yA,,&q={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: IEExtension.VDownloaderBHO -> {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {EC136321-1AE5-4A7F-B01C-5380D666175B} -> No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{5EEB1E3D-CC9B-4D3E-A11B-599B460A20BB}: [NameServer] 139.7.30.125 139.7.30.126
Tcpip\..\Interfaces\{968467E7-A4AC-46CB-A75D-61F63AB00DE5}: [NameServer] 139.7.30.125 139.7.30.126
Tcpip\..\Interfaces\{AE4E7BA8-5F0E-4CCA-A639-8542D144487E}: [NameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{E2341D72-3083-487C-B265-C75D1C01D3F2}: [NameServer] 139.7.30.126 139.7.30.125

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\3omii26w.default-1394646146953
FF Homepage: hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880JXKe86_GbHG1dd3_ZUO-n2VpFb_9qmINzZX_9_82Dr_lRw2moJdZI8lr3pFT6Dr86CkJR2ECRMVQZIYVNk8GduVmOGMFqlJWhTrgA5HQdBrzeHXMzN0wSnDAiIc1Ld0ZuzOusEKq5lwrBnbDNuMjqYQw7gW9zUs7tthCyldw,,
FF Keyword.URL: hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880JXKe86_GbHG1dd3_ZUO-n2VpFb_9qmINzZX_9_82Dr_lRw2moJdZI8lr3pFT6Dr86CkJR2ECRMVQZIYVNk8Gv06-rtYZEdVb3o7asFqgXCil-zmlylx9MjSsRuJWudA96Ip4vPXJgMeRQXJUd8LK2c5qEVgBB3jcE8lfQ0yA,,&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\PC\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\PC\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: vitzo.com/VDownloader -> C:\Program Files (x86)\VDownloader\Addons\npVDownloader.dll No File
FF Plugin HKCU: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\3omii26w.default-1394646146953\searchplugins\SafeFinder Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799
FF HKLM-x32\...\Firefox\Extensions: [support@vdownloader.com] - C:\Program Files (x86)\VDownloader\Addons\FireFox
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-15]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-03]
CHR Extension: (Google Wallet) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-10]
CHR Extension: (Extended Protection) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-08-15]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (No Name) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb [2012-10-19]
CHR HKCU\...\Chrome\Extension: [bcfjehbfanfhgoehogmbiebedkidedjb] - C:\Users\PC\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx []
CHR HKLM-x32\...\Chrome\Extension: [aeafggajkddfldahkmilbhpbcfnaphbd] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha905\ch\WebexpEnhancedV1alpha905.crx []
CHR HKLM-x32\...\Chrome\Extension: [bcfjehbfanfhgoehogmbiebedkidedjb] - C:\Users\PC\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx []
CHR HKLM-x32\...\Chrome\Extension: [eoccbpoodnckjdnackiffhjfkogfhnhh] - C:\Program Files (x86)\VDownloader\Addons\Chrome.crx []
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-15]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx [2014-10-15]
CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26]
CHR HKLM-x32\...\Chrome\Extension: [paielofnmejgnadfcmjdkhmdhnbcincm] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta324\ch\VideoPlayerV3beta324.crx [2014-02-26]
CHR StartMenuInternet: Google Chrome - Chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-15] (AVAST Software)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-02-10] (IObit)
S2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-11-01] (Intel Corporation) [File not signed]
S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4868640 2013-08-25] (INCA Internet Co., Ltd.)
S2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [330240 2010-06-23] (FUJITSU LIMITED) [File not signed]
S2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2009-07-30] (FUJITSU LIMITED)
S2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
S2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [199600 2010-11-11] (Telefónica I+D)
S2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-11-01] (Intel Corporation) [File not signed]
S2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [145840 2009-12-24] (CSR, plc)
S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-16] (AVG Secure Search)
S2 WinTabService; C:\Windows\System32\Drivers\WTSRV.EXE [73728 2009-09-23] (Tablet Driver) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-15] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-10-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-15] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-15] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-10-15] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-10-15] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-10-15] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-10-15] ()
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [247576 2014-07-24] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [270616 2014-07-02] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-16] (AVG Technologies)
S3 EagleX64; C:\Windows\system32\drivers\EagleX64.sys [145624 2014-09-28] (AhnLab, Inc.)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [415232 2011-10-18] (Huawei Technologies Co., Ltd.)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2009-02-03] (ZTE Incorporated)
S2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc.)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-03] (INCA Internet Co., Ltd.) [File not signed]
S3 rstescu; C:\Windows\system32\drivers\rstescu.sys [607256 2011-03-25] (Intel Corporation)
S3 rstescu1; C:\Windows\system32\drivers\rstescu1.sys [607256 2011-03-25] (Intel Corporation)
R0 rstfltr; C:\Windows\System32\drivers\rstfltr.sys [22552 2011-03-25] (Intel Corporation)
S3 RTCore64; C:\Program Files (x86)\RMClock\RTCore64.sys [7168 2005-05-25] () [File not signed]
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
S3 hxsyol; \??\C:\AeriaGames\AuraKingdom\avital\hxsy64.sys [X]
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-15 11:00 - 2014-10-15 11:01 - 00025669 _____ () C:\Users\PC\Desktop\FRST.txt
2014-10-15 10:55 - 2014-10-15 10:55 - 00031397 _____ () C:\Users\PC\Downloads\Addition.txt
2014-10-15 10:53 - 2014-10-15 11:00 - 00000000 ____D () C:\FRST
2014-10-15 10:53 - 2014-10-15 10:55 - 00042624 _____ () C:\Users\PC\Downloads\FRST.txt
2014-10-15 10:52 - 2014-10-15 10:52 - 02110464 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2014-10-15 10:52 - 2014-10-15 10:52 - 01101824 _____ (Farbar) C:\Users\PC\Downloads\FRST.exe
2014-10-15 10:44 - 2014-10-15 10:45 - 00276984 _____ () C:\Windows\Minidump\101514-76159-01.dmp
2014-10-15 10:41 - 2014-10-15 10:41 - 00276984 _____ () C:\Windows\Minidump\101514-98764-01.dmp
2014-10-15 10:37 - 2014-10-15 10:37 - 00276984 _____ () C:\Windows\Minidump\101514-98639-01.dmp
2014-10-15 10:29 - 2014-10-15 10:29 - 00276984 _____ () C:\Windows\Minidump\101514-97843-01.dmp
2014-10-15 10:21 - 2014-10-15 10:21 - 00276984 _____ () C:\Windows\Minidump\101514-101868-01.dmp
2014-10-15 01:34 - 2014-10-15 01:34 - 00000000 ____D () C:\Users\PC\AppData\Roaming\AVAST Software
2014-10-15 01:33 - 2014-10-15 01:33 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-15 01:33 - 2014-10-15 01:33 - 00001972 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-10-15 01:33 - 2014-10-15 01:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-10-15 01:32 - 2014-10-15 01:33 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-10-15 01:32 - 2014-10-15 01:32 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-10-15 01:32 - 2014-10-15 01:32 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-10-15 01:32 - 2014-10-15 01:32 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-10-15 01:32 - 2014-10-15 01:32 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-10-15 01:32 - 2014-10-15 01:32 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-10-15 01:32 - 2014-10-15 01:32 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-10-15 01:32 - 2014-10-15 01:32 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-10-15 01:32 - 2014-10-15 01:32 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-10-15 01:32 - 2014-10-15 01:32 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-10-15 01:31 - 2014-10-15 01:31 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-15 01:30 - 2014-10-15 01:31 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-15 01:26 - 2014-10-15 01:30 - 91906368 _____ (AVAST Software) C:\Users\PC\Downloads\avast_free_antivirus_setup_9.0.2021.exe
2014-10-15 01:26 - 2014-10-15 01:30 - 150010760 _____ () C:\Users\PC\Downloads\avira07_free_antivirus_de.exe
2014-10-14 02:51 - 2014-10-14 02:52 - 00276928 _____ () C:\Windows\Minidump\101414-38189-01.dmp
2014-10-14 02:50 - 2014-10-14 02:50 - 00000000 _____ () C:\Users\PC\AppData\Local\{6CA36428-B50A-4B3B-BAAB-9CB82CC624DA}
2014-10-14 02:48 - 2014-10-14 02:48 - 00003544 ____N () C:\bootsqm.dat
2014-10-13 21:53 - 2014-10-13 21:53 - 00276928 _____ () C:\Windows\Minidump\101314-17971-01.dmp
2014-10-13 21:24 - 2014-10-13 21:25 - 00276928 _____ () C:\Windows\Minidump\101314-38329-01.dmp
2014-10-13 20:37 - 2014-10-13 20:37 - 00276928 _____ () C:\Windows\Minidump\101314-35552-01.dmp
2014-10-13 20:02 - 2014-10-13 20:03 - 00276928 _____ () C:\Windows\Minidump\101314-38423-01.dmp
2014-10-13 19:58 - 2014-10-13 19:59 - 00276928 _____ () C:\Windows\Minidump\101314-38048-01.dmp
2014-10-13 19:29 - 2014-10-13 19:29 - 00276928 _____ () C:\Windows\Minidump\101314-36317-01.dmp
2014-10-13 19:26 - 2014-10-13 19:26 - 00276928 _____ () C:\Windows\Minidump\101314-39374-01.dmp
2014-10-13 18:55 - 2014-10-13 18:55 - 00000000 _____ () C:\Windows\Minidump\101314-40373-01.dmp
2014-10-13 18:54 - 2014-10-15 10:43 - 461764808 _____ () C:\Windows\MEMORY.DMP
2014-10-13 18:53 - 2014-10-13 18:53 - 00000000 ____D () C:\Users\Test\AppData\Local\Avg2015
2014-10-12 22:36 - 2014-10-12 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-10 16:17 - 2014-10-10 16:17 - 00000000 ____D () C:\Program Files\Sandboxie
2014-10-10 16:16 - 2014-10-10 16:16 - 01125200 _____ () C:\Users\PC\Downloads\Sandboxie - CHIP-Installer.exe
2014-10-10 16:15 - 2014-10-10 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-10-05 22:30 - 2014-10-05 22:30 - 00000000 ____D () C:\Users\PC\Downloads\stick of truth
2014-10-05 22:27 - 2014-10-05 22:29 - 128956136 _____ () C:\Users\PC\Downloads\South Park The Stick Of Truth PC Installer v1.0.zip
2014-10-03 15:41 - 2014-10-03 15:57 - 00000000 ____D () C:\Users\PC\Downloads\lie
2014-10-03 14:51 - 2014-10-03 14:52 - 25072110 _____ () C:\Users\PC\Downloads\LiEat106.zip
2014-10-02 22:17 - 2014-10-02 22:17 - 02702474 _____ () C:\Users\PC\Downloads\15356_03(3).exe
2014-10-01 11:33 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 11:33 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-28 20:56 - 2014-09-28 20:56 - 00145624 _____ (AhnLab, Inc.) C:\Windows\system32\Drivers\EagleX64.sys
2014-09-25 14:37 - 2014-09-25 14:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-23 20:14 - 2014-09-23 20:14 - 00000000 ____D () C:\Windows\pss
2014-09-23 19:39 - 2014-09-23 19:39 - 00001054 _____ () C:\Users\PC\Desktop\TERA.lnk
2014-09-23 19:31 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 19:31 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 19:20 - 2014-09-23 19:20 - 00000000 ____D () C:\Users\PC\Downloads\lla
2014-09-23 19:08 - 2014-09-23 19:08 - 00014037 _____ () C:\Users\PC\Downloads\laa_2_0_4.zip
2014-09-23 18:52 - 2014-09-23 18:54 - 00000000 ____D () C:\Users\PC\Downloads\koreanelin
2014-09-23 18:49 - 2014-09-23 18:52 - 101995339 _____ () C:\Users\PC\Downloads\koreanelin.rar
2014-09-21 13:36 - 2014-09-21 13:36 - 02002088 _____ (PC Drivers HeadQuarters) C:\Users\PC\Downloads\DriverDetective.exe
2014-09-21 01:02 - 2014-10-10 16:26 - 00001526 _____ () C:\Windows\Sandboxie.ini
2014-09-21 01:02 - 2014-09-21 01:02 - 00000902 _____ () C:\Users\PC\Desktop\Sandboxed Web Browser.lnk
2014-09-18 16:46 - 2014-09-18 16:46 - 00001057 _____ () C:\Users\Test\Desktop\RightMark CPU Clock Utility.lnk
2014-09-18 16:46 - 2014-09-18 16:46 - 00001057 _____ () C:\Users\PC\Desktop\RightMark CPU Clock Utility.lnk
2014-09-18 16:46 - 2014-09-18 16:46 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RightMark CPU Clock Utility
2014-09-18 16:46 - 2014-09-18 16:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RightMark CPU Clock Utility
2014-09-18 16:45 - 2014-09-18 16:46 - 00000000 ____D () C:\Program Files (x86)\RMClock
2014-09-18 16:42 - 2014-09-18 16:42 - 01101648 _____ () C:\Users\PC\Downloads\RightMark CPU Clock Utility - CHIP-Installer.exe
2014-09-17 20:02 - 2014-09-19 01:31 - 00000160 _____ () C:\Windows\DirectX.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-15 10:44 - 2014-07-19 13:43 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-10-15 10:44 - 2014-04-24 00:20 - 00000000 ____D () C:\Windows\Minidump
2014-10-15 10:42 - 2012-10-12 05:40 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-15 10:41 - 2014-08-29 07:04 - 00019546 _____ () C:\Windows\setupact.log
2014-10-15 10:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-15 10:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-10-15 10:37 - 2012-10-12 05:40 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-15 10:33 - 2011-12-23 16:24 - 01653590 _____ () C:\Windows\WindowsUpdate.log
2014-10-15 09:35 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-15 09:35 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-15 09:27 - 2014-08-29 07:04 - 00056806 _____ () C:\Windows\PFRO.log
2014-10-15 05:56 - 2012-01-15 15:51 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Skype
2014-10-15 05:27 - 2011-12-26 18:33 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2679388482-3162788823-1320574773-1000UA.job
2014-10-15 05:26 - 2014-09-09 23:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-15 01:39 - 2011-12-23 19:30 - 00000000 ____D () C:\ProgramData\MFAData
2014-10-15 00:54 - 2014-02-10 16:35 - 00000000 ____D () C:\ProgramData\ProductData
2014-10-14 19:27 - 2011-12-26 18:33 - 00001056 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2679388482-3162788823-1320574773-1000Core.job
2014-10-12 22:36 - 2014-03-14 13:10 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-12 22:36 - 2012-01-15 15:51 - 00000000 ____D ()
C:\ProgramData\Skype 2014-10-09 01:21 - 2014-08-19 00:22 - 00172032 ___SH () C:\Users\PC\Documents\Thumbs.db 2014-10-02 22:52 - 2014-09-14 22:12 - 00000000 ____D () C:\ProgramData\69B6DBD2-8E05-476F-B662-CF8D235FD499 2014-10-02 22:18 - 2014-09-14 23:28 - 00000000 ____D () C:\Program Files (x86)\TABLET 2014-09-27 12:30 - 2012-05-20 12:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-24 21:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-09-23 20:54 - 2011-12-24 01:18 - 00689336 _____ () C:\Windows\system32\perfh007.dat 2014-09-23 20:54 - 2011-12-24 01:18 - 00149308 _____ () C:\Windows\system32\perfc007.dat 2014-09-23 20:54 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-23 19:40 - 2014-04-12 04:21 - 00000000 ____D () C:\Program Files (x86)\TERA 2014-09-23 19:39 - 2014-04-12 04:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TERA 2014-09-23 19:23 - 2014-04-12 04:19 - 15366160 _____ (Gameforge Productions GmbH ) C:\Users\PC\Downloads\TERASetup.exe 2014-09-23 14:27 - 2014-08-31 22:10 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-09-22 17:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-09-19 01:31 - 2014-06-07 13:40 - 00000000 ____D () C:\Users\PC\Documents\FlyFF 2014-09-18 18:15 - 2014-09-13 04:26 - 00000000 ____D () C:\Users\PC\AppData\Local\SecondLife Files to move or delete: ==================== C:\Users\PC\Setup.exe Some content of TEMP: ==================== C:\Users\PC\AppData\Local\Temp\05jx3o0m.dll C:\Users\PC\AppData\Local\Temp\0nh1jy5r.dll C:\Users\PC\AppData\Local\Temp\1s5yhoem.dll C:\Users\PC\AppData\Local\Temp\3tfqqc-k.dll C:\Users\PC\AppData\Local\Temp\4thhfapu.dll C:\Users\PC\AppData\Local\Temp\5gi9yjzd.dll C:\Users\PC\AppData\Local\Temp\6-ybh3zw.dll C:\Users\PC\AppData\Local\Temp\8z8tqsjv.dll C:\Users\PC\AppData\Local\Temp\93f6eipj.dll C:\Users\PC\AppData\Local\Temp\9xu6ztmb.dll 
C:\Users\PC\AppData\Local\Temp\axpgbyfc.dll
C:\Users\PC\AppData\Local\Temp\azbkbilp.dll
C:\Users\PC\AppData\Local\Temp\b2imhc2t.dll
C:\Users\PC\AppData\Local\Temp\blfmvjhp.dll
C:\Users\PC\AppData\Local\Temp\BlueStacks-SplitInstaller_native_b.exe
C:\Users\PC\AppData\Local\Temp\ceuixbma.dll
C:\Users\PC\AppData\Local\Temp\cvh1o_zm.dll
C:\Users\PC\AppData\Local\Temp\d1lm3d3n.dll
C:\Users\PC\AppData\Local\Temp\d3jnzou3.dll
C:\Users\PC\AppData\Local\Temp\dcewcco2.dll
C:\Users\PC\AppData\Local\Temp\dioea4ki.dll
C:\Users\PC\AppData\Local\Temp\dle4ilvs.dll
C:\Users\PC\AppData\Local\Temp\dzkd1vu4.dll
C:\Users\PC\AppData\Local\Temp\e2sbrtca.dll
C:\Users\PC\AppData\Local\Temp\e5ode_v3.dll
C:\Users\PC\AppData\Local\Temp\ekikkuh1.dll
C:\Users\PC\AppData\Local\Temp\eldgkhlj.dll
C:\Users\PC\AppData\Local\Temp\eo_g3s-y.dll
C:\Users\PC\AppData\Local\Temp\ep_qidcf.dll
C:\Users\PC\AppData\Local\Temp\fjhna_hc.dll
C:\Users\PC\AppData\Local\Temp\ftl5gke9.dll
C:\Users\PC\AppData\Local\Temp\fwlotrt4.dll
C:\Users\PC\AppData\Local\Temp\g8o8cwcb.dll
C:\Users\PC\AppData\Local\Temp\ganyo-w_.dll
C:\Users\PC\AppData\Local\Temp\gkzwrlq_.dll
C:\Users\PC\AppData\Local\Temp\gn3hps0k.dll
C:\Users\PC\AppData\Local\Temp\gwlfrg5i.dll
C:\Users\PC\AppData\Local\Temp\hnsiezqx.dll
C:\Users\PC\AppData\Local\Temp\hrhxmav7.dll
C:\Users\PC\AppData\Local\Temp\hwqazmaf.dll
C:\Users\PC\AppData\Local\Temp\i9133wol.dll
C:\Users\PC\AppData\Local\Temp\icx3syq8.dll
C:\Users\PC\AppData\Local\Temp\if2ssxir.dll
C:\Users\PC\AppData\Local\Temp\iymh-hr_.dll
C:\Users\PC\AppData\Local\Temp\jlgyh4sn.dll
C:\Users\PC\AppData\Local\Temp\jpnygwnm.dll
C:\Users\PC\AppData\Local\Temp\jtvzzexm.dll
C:\Users\PC\AppData\Local\Temp\kboixfvk.dll
C:\Users\PC\AppData\Local\Temp\kduicxbk.dll
C:\Users\PC\AppData\Local\Temp\kpuoxywu.dll
C:\Users\PC\AppData\Local\Temp\l5bclqwo.dll
C:\Users\PC\AppData\Local\Temp\lgoj849b.dll
C:\Users\PC\AppData\Local\Temp\lmoysga9.dll
C:\Users\PC\AppData\Local\Temp\lrbtj1n8.dll
C:\Users\PC\AppData\Local\Temp\lrjdfegs.dll
C:\Users\PC\AppData\Local\Temp\ltmbfjp5.dll
C:\Users\PC\AppData\Local\Temp\mn9aigru.dll
C:\Users\PC\AppData\Local\Temp\nnt3ntkf.dll
C:\Users\PC\AppData\Local\Temp\nnuujnpl.dll
C:\Users\PC\AppData\Local\Temp\n_i9ryhy.dll
C:\Users\PC\AppData\Local\Temp\oeuaadtt.dll
C:\Users\PC\AppData\Local\Temp\olkhc6cx.dll
C:\Users\PC\AppData\Local\Temp\onqtj3b1.dll
C:\Users\PC\AppData\Local\Temp\osmlrjhi.dll
C:\Users\PC\AppData\Local\Temp\osr4kjrt.dll
C:\Users\PC\AppData\Local\Temp\otoewnh0.dll
C:\Users\PC\AppData\Local\Temp\pmaow6ha.dll
C:\Users\PC\AppData\Local\Temp\post1.exe
C:\Users\PC\AppData\Local\Temp\post2.dll
C:\Users\PC\AppData\Local\Temp\post2.exe
C:\Users\PC\AppData\Local\Temp\ppjcgmn_.dll
C:\Users\PC\AppData\Local\Temp\qdou2taw.dll
C:\Users\PC\AppData\Local\Temp\qjwtrx9m.dll
C:\Users\PC\AppData\Local\Temp\qxlph_la.dll
C:\Users\PC\AppData\Local\Temp\rlamm-xw.dll
C:\Users\PC\AppData\Local\Temp\s3mcvrrh.dll
C:\Users\PC\AppData\Local\Temp\s5yqlh83.dll
C:\Users\PC\AppData\Local\Temp\sgberjru.dll
C:\Users\PC\AppData\Local\Temp\SkypeSetup.exe
C:\Users\PC\AppData\Local\Temp\stn2t2um.dll
C:\Users\PC\AppData\Local\Temp\sy1y0hxu.dll
C:\Users\PC\AppData\Local\Temp\s_us1nwa.dll
C:\Users\PC\AppData\Local\Temp\t-7tqbd0.dll
C:\Users\PC\AppData\Local\Temp\tester.dll
C:\Users\PC\AppData\Local\Temp\tgnlt-ja.dll
C:\Users\PC\AppData\Local\Temp\ti-nuclm.dll
C:\Users\PC\AppData\Local\Temp\u4ppxrs2.dll
C:\Users\PC\AppData\Local\Temp\ubll-vwp.dll
C:\Users\PC\AppData\Local\Temp\uwcqito-.dll
C:\Users\PC\AppData\Local\Temp\uyfj2_7j.dll
C:\Users\PC\AppData\Local\Temp\v4ejpvcl.dll
C:\Users\PC\AppData\Local\Temp\vcredist_x64.exe
C:\Users\PC\AppData\Local\Temp\vi6awbl4.dll
C:\Users\PC\AppData\Local\Temp\vpooraop.dll
C:\Users\PC\AppData\Local\Temp\vxk4vkyl.dll
C:\Users\PC\AppData\Local\Temp\wodj22dy.dll
C:\Users\PC\AppData\Local\Temp\wv9jdg3x.dll
C:\Users\PC\AppData\Local\Temp\xcbel7vz.dll
C:\Users\PC\AppData\Local\Temp\xeqaq8zf.dll
C:\Users\PC\AppData\Local\Temp\xieuqq8q.dll
C:\Users\PC\AppData\Local\Temp\xivximb2.dll
C:\Users\PC\AppData\Local\Temp\xum-2r_u.dll
C:\Users\PC\AppData\Local\Temp\yampmnxv.dll
C:\Users\PC\AppData\Local\Temp\ydl6e157.dll
C:\Users\PC\AppData\Local\Temp\yfjqidrk.dll
C:\Users\PC\AppData\Local\Temp\ygxfae6u.dll
C:\Users\PC\AppData\Local\Temp\zb4m0jrc.dll
C:\Users\PC\AppData\Local\Temp\zxr3qnrb.dll
C:\Users\PC\AppData\Local\Temp\_7rq2pia.dll
C:\Users\Test\AppData\Local\Temp\enik05sf.dll

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-11 19:26

==================== End Of Log ============================

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-10-2014
Ran by PC at 2014-10-15 11:02:08
Running from C:\Users\PC\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3Dカスタム少女 (HKLM-x32\...\{311EBF70-9282-41D1-BAB0-AD22220301B9}) (Version: 1.0.0 - TechArts3D)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.3.0.3650 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.3.0.3650 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5315 - AVG Technologies)
AVG 2015 (Version: 15.0.4181 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5315 - AVG Technologies) Hidden
AVG PC TuneUp 2014 (de-DE) (x32 Version: 14.0.1001.204 - AVG) Hidden
Bluetooth Feature Pack 5.0 (HKLM\...\{B2F4C332-2359-4ADE-AF0C-C631768BBB89}) (Version: 5.0.14 - CSR Plc.)
CLIP STUDIO PAINT (HKLM-x32\...\{E4F184C1-E62E-44F0-B142-AB6197490834}) (Version: 1.3.1 - CELSYS)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dragon Nest Europe (HKLM-x32\...\Dragon Nest Europe) (Version: - )
Europe MapleStory (HKLM-x32\...\Europe MapleStory_is1) (Version: - Nexon)
Flyff (HKLM-x32\...\{7E210E1C-52A1-40E3-817B-D504E9F64DFA}_is1) (Version: Flyff - WEBZEN Inc)
Fujitsu Display Manager (HKLM-x32\...\InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}) (Version: - )
Fujitsu Display Manager (Version: 7.01.00.210 - Ihr Firmenname) Hidden
Fujitsu Hotkey Utility (HKLM-x32\...\InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}) (Version: 3.60.1.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (x32 Version: 3.60.1.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM-x32\...\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: - )
Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.000 - Ihr Firmenname) Hidden
Fujitsu System Extension Utility (HKLM-x32\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: - )
Fujitsu System Extension Utility (Version: 3.1.1.0 - FUJITSU LIMITED) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
ICQ Sparberater (HKLM-x32\...\{EC136321-1AE5-4A7F-B01C-5380D666175B}) (Version: 1.3.667 - solute gmbh)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2025 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.1.7.2405 - IObit)
Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.90 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
LifeBook Application Panel (HKLM-x32\...\InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}) (Version: - )
LifeBook Application Panel (Version: 8.1.0.0 - FUJITSU LIMITED) Hidden
LINE (HKLM-x32\...\LINE) (Version: 3.7.5.98 - LINE Corporation)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Microsoft Corporation (Version: 9.0.30729.1 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.0.30729.1 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version: - )
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: - Mobile Connection Manager)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version: - Gameforge 4D GmbH)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Plugfree NETWORK (HKLM\...\{7BA64D21-EE46-4a9a-8145-52B0175C3F86}) (Version: 5.3.0.1 - FUJITSU LIMITED)
Plugfree NETWORK (Version: 5.3.001 - FUJITSU LIMITED) Hidden
Power Saving Utility (HKLM-x32\...\InstallShield_{7254349B-460B-488F-B4DB-A96100C5C48B}) (Version: - )
Power Saving Utility (Version: 31.01.11.013 - FUJITSU LIMITED) Hidden
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30087 - Realtek Semiconductor Corp.)
Sandboxie 4.08 (64-bit) (HKLM\...\Sandboxie) (Version: 4.08 - Sandboxie Holdings, LLC)
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version: - )
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.10.0 - Synaptics Incorporated)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Trust Tablet Driver (HKLM-x32\...\TabletDriver) (Version: - )
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.2020.4 - TuneUp Software) Hidden
UTAU 歌声合成ツール (HKLM-x32\...\{5C134C7E-537D-4BA2-913D-A6F163DF10D4}) (Version: 1.0.74 - 飴屋プロジェクト)
UTAU 歌声合成ツール (HKLM-x32\...\{616A6B38-329A-4DD1-865A-24A89A1C95F0}) (Version: 1.1.1801 - 飴屋プロジェクト)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.25_TME - ZTE Corporation)

==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2679388482-3162788823-1320574773-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2679388482-3162788823-1320574773-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)

==================== Restore Points =========================
01-10-2014 19:40:55 Windows Update
05-10-2014 17:00:04 Windows-Sicherung
12-10-2014 17:00:06 Windows-Sicherung
14-10-2014 23:30:53 avast! antivirus system restore point

==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {27820563-F3CF-41BA-9D9B-3849C70FB765} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-02-10] (IObit)
Task: {4C2DDAB2-FFCC-4EC1-AE20-C0DE3ACB05A4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-15] (AVAST Software)
Task: {51B5B58A-C706-4DF4-98D7-1F23BC7E83A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-12] (Google Inc.)
Task: {659E6448-D96D-4A09-97C6-9FCC05E9111A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-12] (Google Inc.)
Task: {6ECA5297-D839-4F99-BD7C-B5D9850A6927} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2679388482-3162788823-1320574773-1000Core => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-26] (Google Inc.)
Task: {8AD5D200-94DE-45FD-A649-ADD32151B9D7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2679388482-3162788823-1320574773-1000UA => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-26] (Google Inc.)
Task: {97B58A7A-466D-4866-A07C-BD9465D0F594} - System32\Tasks\Google Updater and Installer => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-26] (Google Inc.)
Task: {AC2F2020-04CF-4B21-A73D-DFEE583B486F} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {B1DDD0D7-B912-4D94-8577-B598FD573922} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {B795D27A-AB37-46A2-A08B-1CF72EABE033} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {C0F97087-8698-430F-92DF-2C2855E64824} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2679388482-3162788823-1320574773-1000Core.job => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2679388482-3162788823-1320574773-1000UA.job => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============
2014-09-25 14:37 - 2014-09-25 14:37 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-09 23:29 - 2014-09-09 23:29 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: AnyProtect Scanner => "C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe"
MSCONFIG\startupreg: CSRSkype => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: WTClient => WTClient.exe

========================= Accounts: ==========================
Administrator (S-1-5-21-2679388482-3162788823-1320574773-500 - Administrator - Disabled)
Gast (S-1-5-21-2679388482-3162788823-1320574773-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2679388482-3162788823-1320574773-1003 - Limited - Enabled)
PC (S-1-5-21-2679388482-3162788823-1320574773-1000 - Administrator - Enabled) => C:\Users\PC
Test (S-1-5-21-2679388482-3162788823-1320574773-1001 - Administrator - Enabled) => C:\Users\Test

==================== Faulty Device Manager Devices =============
Name: avast! VM Monitor
Description: avast! VM Monitor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: avast! Revert
Description: avast! Revert
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================= Application errors: ================== Error: (10/15/2014 11:00:28 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (10/15/2014 11:00:27 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/15/2014 10:57:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nostalex.dat, Version: 0.9.3.3035, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: nostalex.dat, Version: 0.9.3.3035, Zeitstempel: 0x2a425e19
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000606f1
ID des fehlerhaften Prozesses: 0x4c4
Startzeit der fehlerhaften Anwendung: 0xnostalex.dat0
Pfad der fehlerhaften Anwendung: nostalex.dat1
Pfad des fehlerhaften Moduls: nostalex.dat2
Berichtskennung: nostalex.dat3

Error: (10/15/2014 10:55:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nostalex.dat, Version: 0.9.3.3035, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: nostalex.dat, Version: 0.9.3.3035, Zeitstempel: 0x2a425e19
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000606f1
ID des fehlerhaften Prozesses: 0x564
Startzeit der fehlerhaften Anwendung: 0xnostalex.dat0
Pfad der fehlerhaften Anwendung: nostalex.dat1
Pfad des fehlerhaften Moduls: nostalex.dat2
Berichtskennung: nostalex.dat3

Error: (10/15/2014 10:45:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2014 10:30:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2014 09:28:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM
__InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2014 01:37:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 32.0.3.5379, Zeitstempel: 0x54224e6b
Name des fehlerhaften Moduls: mozalloc.dll, Version: 32.0.3.5379, Zeitstempel: 0x54221b67
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x101c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (10/15/2014 01:31:06 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details: AddLegacyDriverFiles: Unable to back up image of binary ztsppkew.
System Error: Das System kann die angegebene Datei nicht finden. .

Error: (10/15/2014 00:55:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (10/15/2014 10:45:08 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (10/15/2014 10:45:08 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (10/15/2014 10:45:08 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/15/2014 10:45:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (10/15/2014 10:45:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (10/15/2014 10:45:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (10/15/2014 10:45:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (10/15/2014 10:45:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (10/15/2014 10:45:03 AM) (Source: Service Control
Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (10/15/2014 10:45:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Microsoft Office Sessions:
=========================
Error: (10/15/2014 11:00:28 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\PC\Downloads\esetsmartinstaller_deu.exe

Error: (10/15/2014 11:00:27 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\PC\Downloads\esetsmartinstaller_deu(1).exe

Error: (10/15/2014 10:57:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: nostalex.dat0.9.3.30352a425e19nostalex.dat0.9.3.30352a425e19c0000005000606f14c401cfe85615145340C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\NosTale\nostalex.datC:\Program Files (x86)\GameforgeLive\Games\DEU_deu\NosTale\nostalex.dat5c6c753d-5449-11e4-969c-5c9ad85aa5af

Error: (10/15/2014 10:55:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: nostalex.dat0.9.3.30352a425e19nostalex.dat0.9.3.30352a425e19c0000005000606f156401cfe855b8482e11C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\NosTale\nostalex.datC:\Program Files (x86)\GameforgeLive\Games\DEU_deu\NosTale\nostalex.dat02a850a8-5449-11e4-969c-5c9ad85aa5af

Error:
(10/15/2014 10:45:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2014 10:30:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2014 09:28:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2014 01:37:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.537954224e6bmozalloc.dll32.0.3.537954221b67800000030000141b101c01cfe802cc3a58c1C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll0a1e6bbc-53fb-11e4-bbdc-e0ca94590b8d

Error: (10/15/2014 01:31:06 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details: AddLegacyDriverFiles: Unable to back up image of binary ztsppkew.
System Error: Das System kann die angegebene Datei nicht finden.

Error: (10/15/2014 00:55:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
Date: 2014-09-18 16:46:40.159
Description: Windows konnte die Abbildintegritat der Datei "\Device\HarddiskVolume2\Program Files (x86)\RMClock\RTCore64.sys" nicht uberprufen, weil der Dateihash nicht im System gefunden wurde.
Moglicherweise wurde durch eine kurzlich durchgefuhrte Hardware- oder Softwareanderung eine falsch signierte oder beschadigte Datei oder eine Datei, bei der es sich um schadliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-09-18 16:46:39.966
Description: Windows konnte die Abbildintegritat der Datei "\Device\HarddiskVolume2\Program Files (x86)\RMClock\RTCore64.sys" nicht uberprufen, weil der Dateihash nicht im System gefunden wurde. Moglicherweise wurde durch eine kurzlich durchgefuhrte Hardware- oder Softwareanderung eine falsch signierte oder beschadigte Datei oder eine Datei, bei der es sich um schadliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-09-18 16:46:39.667
Description: Windows konnte die Abbildintegritat der Datei "\Device\HarddiskVolume2\Program Files (x86)\RMClock\RTCore64.sys" nicht uberprufen, weil der Dateihash nicht im System gefunden wurde. Moglicherweise wurde durch eine kurzlich durchgefuhrte Hardware- oder Softwareanderung eine falsch signierte oder beschadigte Datei oder eine Datei, bei der es sich um schadliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-09-18 16:46:39.473
Description: Windows konnte die Abbildintegritat der Datei "\Device\HarddiskVolume2\Program Files (x86)\RMClock\RTCore64.sys" nicht uberprufen, weil der Dateihash nicht im System gefunden wurde. Moglicherweise wurde durch eine kurzlich durchgefuhrte Hardware- oder Softwareanderung eine falsch signierte oder beschadigte Datei oder eine Datei, bei der es sich um schadliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU P6200 @ 2.13GHz
Percentage of memory in use: 27%
Total physical RAM: 3892.55 MB
Available physical RAM: 2820.1 MB
Total Pagefile: 10034.73 MB
Available Pagefile: 9101.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:463.76 GB) (Free:258.9 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B477DB1C)
Partition 1: (Active) - (Size=2 GB) - (Type=27)
Partition 2: (Not Active) - (Size=463.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================ |
15.10.2014, 18:48 | #4 |
/// the machine /// TB-Ausbilder | Is this a virus? hi, scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |