Malware Fund von Maleware Antimalwarebytes

DK85B · 25.10.2014, 18:15

So ich erneut, dieses mal mein eigener Laptop.

Auf empfehlungen von einem Post mit der Diskussion über Vertrauen und Kompetenz von Antivir habe ich mir Avast! heruntergeladen, installiert und vorher Antivir deinstalliert und mit Antivir Reg cleaner ebenfalls aufgeräumt. Zudem habe ich Malware Antimalwarebytes installiert.

Danach ist mir aufgefallen das alle paar Minuten mein Bildschirm für eine Sekunde heller wurde und dann wieder wie es vorher war. Kam mir merkwürdig vor, also Malwarebytes ein Bedrohungsscan durchführen lassen. Hat auch etwas gefunden.

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 25.10.2014
Suchlauf-Zeit: 11:53:25
Logdatei: MBAM Logdatei25102014.txt
Administrator: Nein

Version: 2.00.3.1025
Malware Datenbank: v2014.10.25.02
Rootkit Datenbank: v2014.10.22.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Standardbenutzer

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 270570
Verstrichene Zeit: 19 Min, 17 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 3
PUP.Optional.OpenCandy, C:\$RECYCLE.BIN\S-1-5-21-2749596473-3807292708-1484916309-1003\$RL4Y3MN.Install\FreemakeVideoConverterSetup_4.1.3.5.exe, , [a640d147007cf93de1d426fd877a15eb], 
PUP.Optional.OpenCandy, C:\$RECYCLE.BIN\S-1-5-21-2749596473-3807292708-1484916309-1003\$RL4Y3MN.Install\PhotoScape_V3.6.5.exe, , [19cd1503cfad47ef35db62f0c5406997], 
PUP.Optional.OpenCandy.A, C:\$RECYCLE.BIN\S-1-5-21-2749596473-3807292708-1484916309-1003\$RL4Y3MN.Install\winamp565_full_emusic-7plus_all.exe, , [cb1be632116b5cda4b4d6ad845bb42be], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

Da ich jetzt aber einen Schritt übersprungen habe hoffe ich das es nicht schlimm ist und dennoch weiterarbeiten können.

Daher bitte ich euch auch hier um Hilfe. Danke =)

Gruß
DK85B

Edit1: Sorry habe gerade gemerkt das es nicht Admin Suchlauf ist. Ich lasse einen neuen Machen und poste ihn dann.

deeprybka · 25.10.2014, 18:19

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
Poste die Logfiles direkt in Deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.

Los geht's:

Schritt 1

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

DK85B · 25.10.2014, 18:23

Hallo Jürgen,

danke das du mir Hilft.

Ich wollte es mir herunterladen, da hat Avasst eine Infektion blockiert von der Seite die Verlinkt ist oO. Leider konnte ich die datei nicht herunterladen. Mein System Win8.1. und ich nutze FF33.0

Und nun wird jedes mal die Verbindung zurückgesetzt wenn ich die datei downloaden will.

Gruß und danke

deeprybka · 25.10.2014, 18:43

Probier das mal bitte:
http://www.bleepingcomputer.com/down...ery-scan-tool/

DK85B · 25.10.2014, 18:55

Avast hat leider schon wieder geblockt.

Die Infektionsgefahr heißt FileRepMalware und kommt von bleepingcomputer.com

deeprybka · 25.10.2014, 19:07

schalte das ding mal ab und probiere es dann...

DK85B · 25.10.2014, 19:17

Ok hat geklappt aber musste auch den Dateischutz ausschalten.

Hier also die Logfiles.

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-10-2014
Ran by Admin (administrator) on MADCAT on 25-10-2014 20:15:02
Running from C:\Users\Standardbenutzer\Desktop
Loaded Profiles: Admin & Standardbenutzer (Available profiles: Admin & Standardbenutzer)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(KaiJet) C:\Users\Standardbenutzer\AppData\Roaming\KaiJet\Wormhole KM Switch\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\WormholeKM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
() C:\Users\Standardbenutzer\AppData\Roaming\KaiJet\Wormhole KM Switch\ExImg\ImageRoot\WKMLoader.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
() C:\Users\Standardbenutzer\AppData\Roaming\KaiJet\Wormhole KM Switch\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\LEWD.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16384_x64__8wekyb3d8bbwe\glcnd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Standardbenutzer\AppData\Roaming\KaiJet\Wormhole KM Switch\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\LinkEngKM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-08-06] (Synaptics Incorporated)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-10-24] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2749596473-3807292708-1484916309-1002\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-09-06] (Spotify Ltd)
HKU\S-1-5-21-2749596473-3807292708-1484916309-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2749596473-3807292708-1484916309-1003\...\Run: [CS Dispatch] => C:\Users\Standardbenutzer\AppData\Roaming\KaiJet\Wormhole KM Switch\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\WormholeKM.exe [437288 2012-02-01] (KaiJet)
HKU\S-1-5-21-2749596473-3807292708-1484916309-1003\...\MountPoints2: {cfe3ea53-8724-11e3-82bd-a4db306824c5} - "G:\iLinker.exe" 
HKU\S-1-5-21-2749596473-3807292708-1484916309-1003\...\MountPoints2: {fe7824e3-52c5-11e3-8270-a4db306824c5} - "D:\WKMLoader.exe" 
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-09-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2014-09-14] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startseite24.net
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM - DefaultScope {CF610C53-1294-4E62-9309-76F9F3B2C50E} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {161341FC-DBFF-4AFB-AFAE-6443F16E5028} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TEJB
SearchScopes: HKLM - {CF610C53-1294-4E62-9309-76F9F3B2C50E} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {161341FC-DBFF-4AFB-AFAE-6443F16E5028} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TEJB
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {161341FC-DBFF-4AFB-AFAE-6443F16E5028} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TEJB
SearchScopes: HKCU - DefaultScope {CF610C53-1294-4E62-9309-76F9F3B2C50E} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKCU - {161341FC-DBFF-4AFB-AFAE-6443F16E5028} URL = 
SearchScopes: HKCU - {CF610C53-1294-4E62-9309-76F9F3B2C50E} URL = hxxp://www.startseite24.net/?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jmnvwucn.default
FF DefaultSearchEngine: Websuche
FF SearchEngineOrder.1: Websuche
FF SelectedSearchEngine: Websuche
FF Homepage: hxxp://www.startseite24.net
FF Keyword.URL: hxxp://www.startseite24.net/?q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jmnvwucn.default\searchplugins\search_engine_trovi.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jmnvwucn.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-07-27]
FF Extension: NoScript - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jmnvwucn.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-11-07]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jmnvwucn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-11-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-24]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-08-22] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-24] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-10-24] (Avast Software)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [993848 2011-04-19] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-04-19] (Secunia)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [82768 2014-10-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049920 2014-10-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-24] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-24] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-24] (Qualcomm Atheros Communications, Inc.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-10-01] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-06] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-11-01] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [270728 2014-10-24] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-25 20:15 - 2014-10-25 20:15 - 00024636 _____ () C:\Users\Standardbenutzer\Desktop\FRST.txt
2014-10-25 20:14 - 2014-10-25 20:15 - 00000000 ____D () C:\FRST
2014-10-25 20:13 - 2014-10-25 20:13 - 02112512 _____ (Farbar) C:\Users\Standardbenutzer\Desktop\FRST64.exe
2014-10-25 19:12 - 2014-10-25 19:12 - 00001716 _____ () C:\Users\Standardbenutzer\Desktop\mbam.txt
2014-10-25 13:31 - 2014-10-25 13:31 - 00000247 _____ () C:\Windows\system32\2014-10-25-11-31-26.091-aswFe.exe-5736.log
2014-10-25 13:25 - 2014-10-25 13:31 - 00000247 _____ () C:\Windows\system32\2014-10-25-11-25-41.014-aswFe.exe-1188.log
2014-10-25 13:25 - 2014-10-25 13:25 - 00000197 _____ () C:\Windows\system32\2014-10-25-11-25-38.099-AvastVBoxSVC.exe-5192.log
2014-10-25 13:19 - 2014-10-25 13:20 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-10-25 13:19 - 2014-10-25 13:20 - 00000000 ____D () C:\Windows\system32\vbox
2014-10-25 11:39 - 2014-10-25 11:39 - 00000000 ____D () C:\Users\Standardbenutzer\AppData\Roaming\AVAST Software
2014-10-25 11:38 - 2014-10-25 11:38 - 00000000 ____D () C:\Users\Standardbenutzer\AppData\Local\Google
2014-10-24 23:17 - 2014-10-24 23:28 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-24 23:17 - 2014-10-24 23:25 - 00001129 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-24 23:17 - 2014-10-24 23:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-24 23:17 - 2014-10-24 23:25 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-24 23:17 - 2014-10-24 23:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-24 23:17 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-24 23:17 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-24 23:17 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-24 23:13 - 2014-10-24 23:17 - 00002206 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-24 23:13 - 2014-10-24 23:13 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-24 23:13 - 2014-10-24 23:13 - 00001991 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-10-24 23:13 - 2014-10-24 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-24 23:13 - 2014-10-24 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-10-24 23:13 - 2014-10-24 23:13 - 00000000 ____D () C:\AVAST Software
2014-10-24 23:12 - 2014-10-25 19:22 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-24 23:12 - 2014-10-24 23:17 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-24 23:12 - 2014-10-24 23:17 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-24 23:12 - 2014-10-24 23:17 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-24 23:12 - 2014-10-24 23:12 - 01049920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-10-24 23:12 - 2014-10-24 23:12 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-10-24 23:12 - 2014-10-24 23:12 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-10-24 23:12 - 2014-10-24 23:12 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-10-24 23:12 - 2014-10-24 23:12 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-10-24 23:12 - 2014-10-24 23:12 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-10-24 23:12 - 2014-10-24 23:12 - 00082768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-10-24 23:12 - 2014-10-24 23:12 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-10-24 23:12 - 2014-10-24 23:12 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-10-24 23:12 - 2014-10-24 23:12 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-10-24 23:12 - 2014-10-24 23:12 - 00000000 ____D () C:\Users\Admin\AppData\Local\Google
2014-10-24 23:12 - 2014-10-24 23:12 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-24 23:11 - 2014-10-24 23:11 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-24 23:10 - 2014-09-22 08:42 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-24 23:09 - 2014-10-24 23:11 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-24 23:03 - 2014-10-25 14:57 - 00000000 ____D () C:\Users\Standardbenutzer\Desktop\Neuer Ordner
2014-10-23 12:24 - 2014-10-23 12:24 - 01376768 _____ () C:\Users\Standardbenutzer\Downloads\7z920-x64.msi
2014-10-22 17:07 - 2014-10-22 17:07 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-10-19 19:23 - 2014-10-19 19:25 - 177856928 _____ (Oracle Corporation) C:\Users\Standardbenutzer\Downloads\jdk-8u25-windows-x64.exe
2014-10-19 19:13 - 2014-10-19 19:13 - 00000000 ____D () C:\Users\Standardbenutzer\Downloads\AdobeIllustrator16.0.5
2014-10-19 19:12 - 2014-10-19 19:12 - 16551003 _____ () C:\Users\Standardbenutzer\Downloads\AdobeIllustrator16.0.5.zip
2014-10-19 18:52 - 2014-10-19 19:29 - 00320936 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-19 18:52 - 2014-10-19 19:29 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-19 18:52 - 2014-10-19 19:29 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-19 18:52 - 2014-10-19 19:29 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-10-19 18:52 - 2014-10-19 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-19 18:48 - 2014-10-19 18:48 - 17882112 _____ (Secunia) C:\Users\Standardbenutzer\Downloads\AdobeAir_15.0.0.293_SPS.exe
2014-10-16 20:40 - 2014-10-16 20:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-10-16 18:52 - 2014-09-28 00:25 - 04183040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 18:51 - 2014-09-08 05:15 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-16 18:51 - 2014-09-08 03:46 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-16 18:51 - 2014-09-08 03:46 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-16 18:51 - 2014-09-08 02:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-16 18:51 - 2014-09-08 02:07 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-16 18:51 - 2014-09-08 02:05 - 03448320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-16 18:51 - 2014-09-08 02:04 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-10-16 18:51 - 2014-09-08 02:04 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-16 18:51 - 2014-09-08 02:03 - 01702400 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-16 18:51 - 2014-09-08 02:03 - 00839680 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-16 18:51 - 2014-09-08 01:59 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-10-16 18:51 - 2014-09-08 01:59 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-10-16 18:51 - 2014-09-08 01:56 - 00672256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-10-16 18:51 - 2014-09-08 01:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-10-16 18:51 - 2014-09-04 02:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-10-16 18:51 - 2014-09-04 01:57 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-10-16 18:51 - 2014-09-04 01:49 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-10-16 18:50 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 18:50 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 18:50 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 18:50 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 18:50 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 18:50 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 18:50 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 18:50 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 18:50 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 18:50 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 18:50 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 18:50 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 18:50 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 18:50 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 18:50 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 18:50 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 18:50 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 18:50 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 18:50 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 18:50 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 18:50 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 18:50 - 2014-09-19 02:42 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 18:50 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 18:50 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 18:50 - 2014-09-19 02:20 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 18:50 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 18:50 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 18:50 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 18:50 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 18:50 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 18:50 - 2014-09-13 08:29 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 18:50 - 2014-09-13 07:49 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 18:50 - 2014-09-04 02:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 18:50 - 2014-09-04 02:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 18:50 - 2014-08-16 06:08 - 21195616 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-10-16 18:50 - 2014-08-16 06:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-10-16 18:50 - 2014-08-16 06:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-10-16 18:50 - 2014-08-16 05:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-10-16 18:50 - 2014-08-16 05:57 - 02498880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-10-16 18:50 - 2014-08-16 05:57 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-10-16 18:50 - 2014-08-16 05:16 - 18722600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-10-16 18:50 - 2014-08-16 05:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-10-16 18:50 - 2014-08-16 05:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-10-16 18:50 - 2014-08-16 03:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-10-16 18:50 - 2014-08-16 03:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-10-16 18:50 - 2014-08-16 02:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-10-16 18:50 - 2014-08-16 02:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-10-16 18:50 - 2014-08-16 02:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-10-16 18:50 - 2014-08-16 02:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-10-16 18:50 - 2014-08-16 02:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-10-16 18:50 - 2014-08-16 02:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-10-16 18:50 - 2014-08-16 02:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-10-16 18:50 - 2014-08-16 02:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-10-16 18:50 - 2014-08-16 02:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 18:50 - 2014-08-16 02:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-10-16 18:50 - 2014-08-16 02:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-10-16 18:50 - 2014-08-16 02:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-10-16 18:50 - 2014-08-16 02:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 18:50 - 2014-08-16 02:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-10-16 18:50 - 2014-08-16 02:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-10-16 18:50 - 2014-08-16 02:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-10-16 18:50 - 2014-08-16 02:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 18:50 - 2014-08-16 02:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-10-16 18:50 - 2014-08-16 02:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-10-16 18:50 - 2014-08-16 02:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-10-16 18:50 - 2014-08-16 02:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-10-16 18:50 - 2014-08-16 02:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 18:50 - 2014-08-16 02:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-10-16 18:50 - 2014-08-01 01:22 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml
2014-10-16 18:49 - 2014-09-13 08:02 - 02779648 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 18:49 - 2014-09-13 07:30 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 18:49 - 2014-08-29 03:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-10-16 18:49 - 2014-08-29 01:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-10-16 18:49 - 2014-08-29 01:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-10-15 19:25 - 2014-10-15 19:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-30 18:50 - 2014-09-30 18:50 - 01101648 _____ () C:\Users\Standardbenutzer\Downloads\7 Zip 64 Bit - CHIP-Installer.exe
2014-09-28 18:55 - 2014-09-28 18:56 - 65741256 _____ (Adobe Systems Incorporated) C:\Users\Standardbenutzer\Downloads\ApplicationManager8.0_all(1).exe
2014-09-28 18:54 - 2014-09-28 18:54 - 69622519 _____ () C:\Users\Standardbenutzer\Downloads\ApplicationManager8.0_all.dmg
2014-09-28 15:33 - 2014-09-28 15:33 - 00001344 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-09-28 15:33 - 2014-09-28 15:33 - 00001332 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-09-28 15:30 - 2014-09-28 15:30 - 01101648 _____ () C:\Users\Standardbenutzer\Downloads\Adobe Application Manager CC - CHIP-Installer.exe
2014-09-28 15:05 - 2014-09-28 15:05 - 65741256 _____ (Adobe Systems Incorporated) C:\Users\Standardbenutzer\Downloads\ApplicationManager8.0_all.exe
2014-09-28 13:35 - 2014-09-28 13:35 - 00000000 ____D () C:\Users\Standardbenutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js
2014-09-28 13:35 - 2014-09-28 13:35 - 00000000 ____D () C:\Program Files\nodejs
2014-09-28 13:14 - 2014-09-28 13:14 - 00001100 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2014-09-28 13:03 - 2014-09-28 13:03 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-09-28 13:03 - 2014-09-28 13:03 - 00000000 ____D () C:\Windows\system32\NV
2014-09-28 12:59 - 2014-09-14 01:48 - 31887680 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 24552592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 20589536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 19954520 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 18106152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 14026304 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 13939272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 13157696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-09-28 12:59 - 2014-09-14 01:48 - 11392576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 11330776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 04287296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 04008592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 02838424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434411.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434411.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 00957584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 00925896 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 00919240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 00894096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 00501064 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 00417096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 00393024 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 00348304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-09-28 12:59 - 2014-09-14 01:48 - 00032576 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-09-28 12:53 - 2014-09-04 21:14 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-09-28 12:53 - 2014-09-04 21:14 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-09-28 12:51 - 2014-09-28 13:10 - 00000000 ____D () C:\Users\TEMP.MadCat

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-25 20:01 - 2013-11-07 21:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-25 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-10-25 13:31 - 2013-10-13 06:59 - 01345097 _____ () C:\Windows\WindowsUpdate.log
2014-10-25 13:17 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-25 13:16 - 2013-09-07 08:13 - 00128188 _____ () C:\Windows\PFRO.log
2014-10-25 13:16 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-10-25 12:13 - 2013-11-07 21:32 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2749596473-3807292708-1484916309-1003
2014-10-25 11:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-10-25 11:41 - 2013-11-10 11:14 - 00000000 ____D () C:\Users\Standardbenutzer\AppData\Local\Adobe
2014-10-24 23:09 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-10-24 23:08 - 2013-10-13 07:16 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-24 21:11 - 2013-11-16 18:49 - 00000000 ____D () C:\Program Files (x86)\phase5
2014-10-22 17:07 - 2013-08-22 16:46 - 00031711 _____ () C:\Windows\setupact.log
2014-10-19 19:36 - 2014-07-20 12:48 - 00000000 ____D () C:\Program Files\Java
2014-10-19 19:31 - 2013-11-07 21:10 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-19 19:28 - 2014-07-20 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-10-19 18:52 - 2014-06-19 19:42 - 00009491 _____ () C:\Windows\SecuniaPackage.log
2014-10-19 18:49 - 2013-11-07 21:27 - 00000000 ____D () C:\Users\Standardbenutzer\AppData\Roaming\Adobe
2014-10-19 18:49 - 2013-11-07 21:11 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-19 15:08 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-10-19 12:24 - 2013-11-14 19:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-19 12:20 - 2013-11-14 19:31 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-17 11:09 - 2013-08-22 16:44 - 04987256 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-17 11:07 - 2013-11-07 20:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-16 21:40 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-10-16 21:40 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-10-16 21:40 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-10-16 21:40 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2014-10-16 21:40 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2014-10-16 20:42 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-10-12 12:22 - 2013-09-06 23:25 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-12 12:22 - 2013-08-28 11:59 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-10-12 12:22 - 2013-08-28 11:59 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-10-02 11:29 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-30 00:45 - 2013-11-10 12:01 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-30 00:45 - 2013-11-10 12:01 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-28 18:59 - 2014-01-01 14:05 - 00000000 ____D () C:\Users\Standardbenutzer\Desktop\ZS
2014-09-28 15:32 - 2013-11-07 20:29 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-28 15:31 - 2014-08-19 12:42 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-09-28 13:03 - 2013-10-13 07:00 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-28 12:54 - 2013-10-13 06:59 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe
C:\Users\Admin\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Admin\AppData\Local\Temp\FreemakeVideoConverter_4.1.3.5.exe
C:\Users\Admin\AppData\Local\Temp\OpenOffice_4.1.1_Win_x86_install_de.exe
C:\Users\Admin\AppData\Local\Temp\PrefJsonCpp.exe
C:\Users\Admin\AppData\Local\Temp\sqlite3.exe
C:\Users\Standardbenutzer\AppData\Local\Temp\AAMHelper.exe
C:\Users\Standardbenutzer\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Standardbenutzer\AppData\Local\Temp\avgnt.exe
C:\Users\Standardbenutzer\AppData\Local\Temp\CreativeCloudSet-Up.exe
C:\Users\Standardbenutzer\AppData\Local\Temp\PrefJsonCpp.exe
C:\Users\Standardbenutzer\AppData\Local\Temp\sqlite3.exe
C:\Users\Standardbenutzer\AppData\Local\Temp\vlc-2.1.3-win64.exe
C:\Users\Standardbenutzer\AppData\Local\Temp\vlc-2.1.4-win64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-12 19:07

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-10-2014
Ran by Admin at 2014-10-25 20:15:28
Running from C:\Users\Standardbenutzer\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.12 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 15.0.0.293 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)
Adobe CS6 Design and Web Premium (HKLM-x32\...\{402F6F2E-5683-491C-977D-0CA599A07CAF}) (Version: 6 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2014 (HKLM-x32\...\{766255CE-D156-11E3-8DBC-A136EB52ACCF}) (Version: 14.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\{AF82C1A9-56DC-4CCD-A36C-CAE56D541DFA}) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Professional CC 2014 (HKLM-x32\...\{AA704223-E11C-11E3-8A38-C09A633B72AF}) (Version: 14.0.1 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2014 (HKLM-x32\...\{CCDCB9C4-72BA-1014-A3F8-D123F2F18BC2}) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.8.1245.73583 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.8.1245.73583 - Alcor Micro Corp.) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
Any Video Converter 5.5.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2206 - AVAST Software)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
GIMP 2.8.8 (HKLM\...\GIMP-2_is1) (Version: 2.8.8 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3282 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM-x32\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Node.js (HKLM\...\{2FAE4331-AEA0-4A3D-B4B3-B1E78823BF1A}) (Version: 0.10.32 - Joyent, Inc. and other Node contributors)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Grafiktreiber 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 344.11 (Version: 344.11 - NVIDIA Corporation) Hidden
NVIDIA Update 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.300 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Secunia PSI (2.0.0.3003) (HKLM-x32\...\Secunia PSI) (Version:  - )
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
TOSHIBA Addendum (HKLM-x32\...\{CE0374A6-B204-4336-8293-63FBB1DADBF4}) (Version: 1.00 - TOSHIBA)
TOSHIBA Addendum (x32 Version: 1.00 - TOSHIBA) Hidden
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{84FA4D2D-4273-4C66-BD3D-ADD3FE48DFA2}) (Version: 1.1.5.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.344 - Toshiba Corporation)
TOSHIBA Password Utility (x32 Version: 3.00.344 - Toshiba Corporation) Hidden
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102 - Toshiba Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

05-10-2014 11:55:53 Geplanter Prüfpunkt
14-10-2014 09:06:11 Geplanter Prüfpunkt
18-10-2014 09:51:34 Windows Update
19-10-2014 17:27:23 Installed Java SE Development Kit 8 Update 25 (64-bit)
24-10-2014 21:10:22 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0F6A8444-3EEB-4E8E-A1FC-76DFB1118191} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2013-08-28] (TODO: <Company name>)
Task: {11D95335-92BF-420C-BF00-FBCF0DD0FD52} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-10-19] (Microsoft Corporation)
Task: {16E9FE0B-6357-4E59-8BA6-4EDBE137C7F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {26ABA022-87CE-4458-8C0E-17169E93DA16} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {35F509C2-F10D-48FA-83EC-E589C220435E} - System32\Tasks\AdobeAAMUpdater-1.0-MadCat-Standardbenutzer => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {41A33056-CE7F-4920-8688-EAA65D70FFDC} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {4457D36B-4D38-4AFB-9D45-0D38B752637A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {57FCBD2A-1CC0-4F1C-BBE1-4F13466E8F94} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {746BF8EE-3F9A-41B2-848A-20BD07C55FEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {78287AF2-1DD4-4FC8-BC12-69FA16166189} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {ABCD6CD8-A71F-4B7A-828A-818A1BE31458} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {C3E2E6A0-BFD9-4DFC-9E27-AA151D090345} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {C916B16B-79CC-4D74-BD1E-9399013B1DA8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-19] (Adobe Systems Incorporated)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6367CD2-7AB7-4D40-9460-507D9AC1B776} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-24] (AVAST Software)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F2DFDBE8-913A-4E1F-8DB8-3CF6FF497586} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-19] (Toshiba Europe GmbH)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-13 06:59 - 2014-09-14 01:48 - 00013120 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-10-13 07:00 - 2014-09-13 23:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-03-27 21:53 - 2013-03-27 21:53 - 00163168 _____ () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
2013-09-10 21:54 - 2013-09-10 21:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2014-07-16 11:06 - 2014-07-16 11:06 - 00672416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2012-07-19 03:38 - 2012-07-19 03:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2014-03-30 12:49 - 2011-11-29 09:55 - 00441312 _____ () C:\Users\Standardbenutzer\AppData\Roaming\KaiJet\Wormhole KM Switch\ExImg\ImageRoot\WKMLoader.exe
2014-07-16 11:05 - 2014-07-16 11:05 - 05558432 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-03-30 12:49 - 2011-06-22 06:00 - 00035056 _____ () C:\Users\Standardbenutzer\AppData\Roaming\KaiJet\Wormhole KM Switch\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\LEWD.exe
2014-10-24 23:12 - 2014-10-24 23:12 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-10-24 23:12 - 2014-10-24 23:12 - 05846160 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-03-30 12:49 - 2012-01-12 16:19 - 00344616 _____ () C:\Users\Standardbenutzer\AppData\Roaming\KaiJet\Wormhole KM Switch\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\LinkEngKM.exe
2014-10-24 23:12 - 2014-10-24 23:12 - 04491192 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-10-25 19:24 - 2014-10-25 19:24 - 02897920 _____ () C:\Program Files\AVAST Software\Avast\defs\14102500\algo.dll
2013-11-21 18:08 - 2011-06-14 09:07 - 00036688 ____N () C:\Users\Standardbenutzer\AppData\Roaming\KaiJet\Wormhole KM Switch\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\OSW08.dll
2013-11-21 18:08 - 2011-04-28 09:50 - 00039760 ____N () C:\Users\Standardbenutzer\AppData\Roaming\KaiJet\Wormhole KM Switch\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\2208KM_HID.dll
2013-11-21 18:08 - 2014-09-28 13:16 - 00073728 ____N () C:\Users\Standardbenutzer\AppData\Roaming\KaiJet\Wormhole KM Switch\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\ProdLic.DLL
2014-03-30 12:49 - 2010-08-25 05:58 - 00106496 _____ () C:\Users\Standardbenutzer\AppData\Roaming\KaiJet\Wormhole KM Switch\MainExe\OTiOSW08.dll
2014-09-04 14:51 - 2014-09-04 14:51 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu
2014-07-03 06:45 - 2014-07-03 06:45 - 32733056 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2014-10-24 23:12 - 2014-10-24 23:12 - 38561576 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-13 06:54 - 2013-09-04 01:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-10-15 19:25 - 2014-10-15 19:25 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-11-19 18:47 - 2014-09-14 01:48 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-11-21 18:08 - 2014-09-28 13:16 - 00073728 ____N () C:\Users\Standardbenutzer\AppData\Roaming\KaiJet\Wormhole KM Switch\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\ProdLic.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Admin (S-1-5-21-2749596473-3807292708-1484916309-1002 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2749596473-3807292708-1484916309-500 - Administrator - Disabled)
Gast (S-1-5-21-2749596473-3807292708-1484916309-501 - Limited - Disabled)
Standardbenutzer (S-1-5-21-2749596473-3807292708-1484916309-1003 - Limited - Enabled) => C:\Users\Standardbenutzer

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/25/2014 02:12:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (10/25/2014 02:01:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (10/19/2014 07:31:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000052f0b
ID des fehlerhaften Prozesses: 0x1e0
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (10/19/2014 07:17:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Illustrator.exe, Version: 16.0.5.691, Zeitstempel: 0x530c8d44
Name des fehlerhaften Moduls: Illustrator CS6\Illustrator.exe!??0?$basic_string@EU?$char_trai, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000139
Fehleroffset: 0x00000000000ec0b4
ID des fehlerhaften Prozesses: 0x1b70
Startzeit der fehlerhaften Anwendung: 0xIllustrator.exe0
Pfad der fehlerhaften Anwendung: Illustrator.exe1
Pfad des fehlerhaften Moduls: Illustrator.exe2
Berichtskennung: Illustrator.exe3
Vollständiger Name des fehlerhaften Pakets: Illustrator.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Illustrator.exe5

Error: (10/19/2014 07:15:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Illustrator.exe, Version: 16.0.5.691, Zeitstempel: 0x530c8d44
Name des fehlerhaften Moduls: tor16.0.5\win64\Illustrator.exe!??0?$basic_string@EU?$char_trai, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000139
Fehleroffset: 0x00000000000ec0b4
ID des fehlerhaften Prozesses: 0x534
Startzeit der fehlerhaften Anwendung: 0xIllustrator.exe0
Pfad der fehlerhaften Anwendung: Illustrator.exe1
Pfad des fehlerhaften Moduls: Illustrator.exe2
Berichtskennung: Illustrator.exe3
Vollständiger Name des fehlerhaften Pakets: Illustrator.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Illustrator.exe5

Error: (10/19/2014 07:13:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Illustrator.exe, Version: 16.0.5.691, Zeitstempel: 0x530c8d44
Name des fehlerhaften Moduls: tor16.0.5\win64\Illustrator.exe!??0?$basic_string@EU?$char_trai, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000139
Fehleroffset: 0x00000000000ec0b4
ID des fehlerhaften Prozesses: 0x80c
Startzeit der fehlerhaften Anwendung: 0xIllustrator.exe0
Pfad der fehlerhaften Anwendung: Illustrator.exe1
Pfad des fehlerhaften Moduls: Illustrator.exe2
Berichtskennung: Illustrator.exe3
Vollständiger Name des fehlerhaften Pakets: Illustrator.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Illustrator.exe5

Error: (10/19/2014 01:48:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (10/19/2014 01:47:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (10/19/2014 00:47:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (10/19/2014 00:46:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.


System errors:
=============
Error: (10/25/2014 01:17:56 PM) (Source: DCOM) (EventID: 10016) (User: MadCat)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MadCatStandardbenutzerS-1-5-21-2749596473-3807292708-1484916309-1003LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/25/2014 01:17:56 PM) (Source: DCOM) (EventID: 10016) (User: MadCat)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MadCatStandardbenutzerS-1-5-21-2749596473-3807292708-1484916309-1003LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/25/2014 01:17:56 PM) (Source: DCOM) (EventID: 10016) (User: MadCat)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MadCatStandardbenutzerS-1-5-21-2749596473-3807292708-1484916309-1003LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/25/2014 01:17:56 PM) (Source: DCOM) (EventID: 10016) (User: MadCat)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MadCatStandardbenutzerS-1-5-21-2749596473-3807292708-1484916309-1003LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/25/2014 01:17:56 PM) (Source: DCOM) (EventID: 10016) (User: MadCat)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MadCatStandardbenutzerS-1-5-21-2749596473-3807292708-1484916309-1003LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/25/2014 01:17:56 PM) (Source: DCOM) (EventID: 10016) (User: MadCat)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MadCatStandardbenutzerS-1-5-21-2749596473-3807292708-1484916309-1003LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/25/2014 01:15:08 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (10/25/2014 01:13:08 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (10/25/2014 01:11:08 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (10/25/2014 01:09:08 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5


Microsoft Office Sessions:
=========================
Error: (10/25/2014 02:12:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe

Error: (10/25/2014 02:01:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe

Error: (10/19/2014 07:31:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.3.9600.1727853eebd22c00000050000000000052f0b1e001cfebc27f89b605C:\Program Files\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dllc068fba4-57b5-11e4-82ec-a4db306824c5

Error: (10/19/2014 07:17:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Illustrator.exe16.0.5.691530c8d44Illustrator CS6\Illustrator.exe!??0?$basic_string@EU?$char_trai6.3.9600.1727853eebd22c000013900000000000ec0b41b7001cfebc07e8964b8C:\Program Files (x86)\Adobe\Adobe Illustrator CS6\Illustrator.exeIllustrator CS6\Illustrator.exebcd6bb67-57b3-11e4-82ec-a4db306824c5

Error: (10/19/2014 07:15:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Illustrator.exe16.0.5.691530c8d44tor16.0.5\win64\Illustrator.exe!??0?$basic_string@EU?$char_trai6.3.9600.1727853eebd22c000013900000000000ec0b453401cfebc05333b2d2C:\Users\Standardbenutzer\Downloads\AdobeIllustrator16.0.5\AdobeIllustrator16.0.5\win64\Illustrator.exetor16.0.5\win64\Illustrator.exe9317d317-57b3-11e4-82ec-a4db306824c5

Error: (10/19/2014 07:13:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Illustrator.exe16.0.5.691530c8d44tor16.0.5\win64\Illustrator.exe!??0?$basic_string@EU?$char_trai6.3.9600.1727853eebd22c000013900000000000ec0b480c01cfebc007c178a8C:\Users\Standardbenutzer\Downloads\AdobeIllustrator16.0.5\AdobeIllustrator16.0.5\win64\Illustrator.exetor16.0.5\win64\Illustrator.exe48b199fa-57b3-11e4-82ec-a4db306824c5

Error: (10/19/2014 01:48:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestc:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe

Error: (10/19/2014 01:47:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe

Error: (10/19/2014 00:47:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestc:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe

Error: (10/19/2014 00:46:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Percentage of memory in use: 20%
Total physical RAM: 12199.96 MB
Available physical RAM: 9654.96 MB
Total Pagefile: 14055.96 MB
Available Pagefile: 11262.92 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (TI31204300A) (Fixed) (Total:920.2 GB) (Free:839.68 GB) NTFS
Drive f: (FreeAgent GoFlex Drive) (Fixed) (Total:931.51 GB) (Free:894.66 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: A4B57300)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

deeprybka · 25.10.2014, 19:38

Hi,

Schritt 1

Drücke bitte die

+ R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:

Code:

ATTFilter

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startseite24.net
SearchScopes: HKLM - DefaultScope {CF610C53-1294-4E62-9309-76F9F3B2C50E} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {CF610C53-1294-4E62-9309-76F9F3B2C50E} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {CF610C53-1294-4E62-9309-76F9F3B2C50E} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKCU - {161341FC-DBFF-4AFB-AFAE-6443F16E5028} URL = 
SearchScopes: HKCU - {CF610C53-1294-4E62-9309-76F9F3B2C50E} URL = hxxp://www.startseite24.net/?q={searchTerms}
FF DefaultSearchEngine: Websuche
FF SearchEngineOrder.1: Websuche
FF SelectedSearchEngine: Websuche
FF Homepage: hxxp://www.startseite24.net
FF Keyword.URL: hxxp://www.startseite24.net/?q=
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2749596473-3807292708-1484916309-1002\...\Run: [AdobeBridge] => [X]
2014-09-28 15:30 - 2014-09-28 15:30 - 01101648 _____ () C:\Users\Standardbenutzer\Downloads\Adobe Application Manager CC - CHIP-Installer.exe
2014-09-30 18:50 - 2014-09-30 18:50 - 01101648 _____ () C:\Users\Standardbenutzer\Downloads\7 Zip 64 Bit - CHIP-Installer.exe
EmptyTemp:

Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.

Starte FRST und drücke auf den Fix-Button.
Das Tool erstellt eine "Fixlog.txt" -Datei.
Poste mir bitte deren Inhalt.

Nach dem Reboot:

Schritt 2

Download

Bitte installiere das Programm in den vorgegebenen Pfad.
Starte das Programm durch Doppelklick der Desktopverknüpfung.
Das EEK ist nach dem Laden der Malwaresignaturen für den Scan bereit.
Folge nun bitte der animierten Bildanleitung, entferne alle Funde und poste am Ende des Scans bzw. der Bereinigung das Log.

Schritt 3

Bitte starte FRST erneut, und drücke auf Scan.
Bitte poste mir den Inhalt des Logs.

DK85B · 25.10.2014, 20:42

Hallo Jürgen

Das Tool fix von FBST habe ich 2 mal gestartet aber jedes mal wurde es abgebrochen weil es wohl nicht richtig funktionierte.

Vorhin habe ich es gestartet als admin aber es läuft immer noch. Ist das normal?
Beim ersten Versich wurde eine Fixlog erstellt aber der wurde ja abgebrochen und war als Standdardbenutzer.

Was mach ich jetzt?

Danke dir.

Gruß
DK85B

deeprybka · 25.10.2014, 20:54

Abbrechen und mit Schritt 2 und 3 fortfahren. (BTW: Unsere Tools brauchen immer Admin-Rechte!

)

DK85B · 26.10.2014, 18:26

Hallo Jürgen,

entschuldigung, ging gestern nicht mehr. Hätte zu lange gedauert.

Deswegen jetzt die Scans und Files von Schritt 2 & 3. Hätte halt auch noch von Schritt 1 den Logfile.

Code:

ATTFilter

Emsisoft Emergency Kit - Version 9.0
Letztes Update: 25.10.2014 22:06:37
Benutzerkonto: MadCat\Admin

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\

PUPs-Erkennung: An
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan Beginn:	26.10.2014 16:42:15
C:\ProgramData\apn 	gefunden: Application.AppInstall (A)

Gescannt	390132
Gefunden	1

Scan Ende:	26.10.2014 17:54:25
Scan Zeit:	1:12:10

C:\ProgramData\apn	Quarantäne Application.AppInstall (A)

Quarantäne	1

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2014
Ran by Admin (administrator) on MADCAT on 26-10-2014 18:21:17
Running from C:\Users\Standardbenutzer\Desktop
Loaded Profiles: Admin & Standardbenutzer (Available profiles: Admin & Standardbenutzer)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(KaiJet) C:\Users\Standardbenutzer\AppData\Roaming\KaiJet\Wormhole KM Switch\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\WormholeKM.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16384_x64__8wekyb3d8bbwe\glcnd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-08-06] (Synaptics Incorporated)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-10-24] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2749596473-3807292708-1484916309-1002\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-09-06] (Spotify Ltd)
HKU\S-1-5-21-2749596473-3807292708-1484916309-1003\...\Run: [CS Dispatch] => C:\Users\Standardbenutzer\AppData\Roaming\KaiJet\Wormhole KM Switch\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\WormholeKM.exe [437288 2012-02-01] (KaiJet)
HKU\S-1-5-21-2749596473-3807292708-1484916309-1003\...\MountPoints2: {cfe3ea53-8724-11e3-82bd-a4db306824c5} - "G:\iLinker.exe" 
HKU\S-1-5-21-2749596473-3807292708-1484916309-1003\...\MountPoints2: {fe7824e3-52c5-11e3-8270-a4db306824c5} - "D:\WKMLoader.exe" 
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-09-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2014-09-14] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {161341FC-DBFF-4AFB-AFAE-6443F16E5028} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TEJB
SearchScopes: HKLM-x32 - DefaultScope {161341FC-DBFF-4AFB-AFAE-6443F16E5028} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TEJB
SearchScopes: HKLM-x32 - {161341FC-DBFF-4AFB-AFAE-6443F16E5028} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TEJB
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jmnvwucn.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jmnvwucn.default\searchplugins\search_engine_trovi.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jmnvwucn.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-07-27]
FF Extension: NoScript - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jmnvwucn.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-11-07]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jmnvwucn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-11-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-24]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-08-22] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-24] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-10-24] (Avast Software)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [993848 2011-04-19] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-04-19] (Secunia)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [82768 2014-10-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049920 2014-10-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-24] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-24] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-24] (Qualcomm Atheros Communications, Inc.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
R3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2014-10-24] (Emsisoft GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-10-01] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-06] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-11-01] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [270728 2014-10-24] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-26 18:21 - 2014-10-26 18:21 - 00023544 _____ () C:\Users\Standardbenutzer\Desktop\FRST.txt
2014-10-26 18:21 - 2014-10-26 18:21 - 00000000 ____D () C:\Users\Standardbenutzer\Desktop\FRST-OlderVersion
2014-10-26 18:04 - 2014-10-26 18:00 - 00001180 _____ () C:\Users\Standardbenutzer\Desktop\a2scan_141026-164215.txt
2014-10-26 17:59 - 2014-10-26 18:00 - 00001180 _____ () C:\Users\Admin\Desktop\a2scan_141026-164215.txt
2014-10-25 21:04 - 2014-10-25 21:04 - 00001050 _____ () C:\Users\Standardbenutzer\Desktop\Start Emergency Kit Scanner - Verknüpfung.lnk
2014-10-25 21:03 - 2014-10-26 16:41 - 00000000 ____D () C:\EEK
2014-10-25 21:03 - 2014-10-25 21:03 - 00000766 _____ () C:\Users\Admin\Desktop\Start Emsisoft Emergency Kit.lnk
2014-10-25 21:02 - 2014-10-25 21:02 - 00000197 _____ () C:\Windows\system32\2014-10-25-20-02-09.083-AvastVBoxSVC.exe-4528.log
2014-10-25 19:43 - 2014-10-25 19:44 - 153563680 _____ () C:\Users\Standardbenutzer\Desktop\EmsisoftEmergencyKit.exe
2014-10-25 19:43 - 2014-10-25 19:43 - 00001381 _____ () C:\Users\Standardbenutzer\Desktop\Fixlist.txt
2014-10-25 19:14 - 2014-10-26 18:21 - 00000000 ____D () C:\FRST
2014-10-25 19:13 - 2014-10-26 18:21 - 02113024 _____ (Farbar) C:\Users\Standardbenutzer\Desktop\FRST64.exe
2014-10-25 12:31 - 2014-10-25 12:31 - 00000247 _____ () C:\Windows\system32\2014-10-25-11-31-26.091-aswFe.exe-5736.log
2014-10-25 12:25 - 2014-10-25 12:31 - 00000247 _____ () C:\Windows\system32\2014-10-25-11-25-41.014-aswFe.exe-1188.log
2014-10-25 12:25 - 2014-10-25 12:25 - 00000197 _____ () C:\Windows\system32\2014-10-25-11-25-38.099-AvastVBoxSVC.exe-5192.log
2014-10-25 12:19 - 2014-10-25 12:20 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-10-25 12:19 - 2014-10-25 12:20 - 00000000 ____D () C:\Windows\system32\vbox
2014-10-25 10:39 - 2014-10-25 10:39 - 00000000 ____D () C:\Users\Standardbenutzer\AppData\Roaming\AVAST Software
2014-10-25 10:38 - 2014-10-25 10:38 - 00000000 ____D () C:\Users\Standardbenutzer\AppData\Local\Google
2014-10-24 22:17 - 2014-10-24 22:28 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-24 22:17 - 2014-10-24 22:25 - 00001129 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-24 22:17 - 2014-10-24 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-24 22:17 - 2014-10-24 22:25 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-24 22:17 - 2014-10-24 22:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-24 22:17 - 2014-10-01 10:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-24 22:17 - 2014-10-01 10:11 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-24 22:17 - 2014-10-01 10:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-24 22:13 - 2014-10-24 22:17 - 00002206 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-24 22:13 - 2014-10-24 22:13 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-24 22:13 - 2014-10-24 22:13 - 00001991 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-10-24 22:13 - 2014-10-24 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-24 22:13 - 2014-10-24 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-10-24 22:13 - 2014-10-24 22:13 - 00000000 ____D () C:\AVAST Software
2014-10-24 22:12 - 2014-10-26 17:22 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-24 22:12 - 2014-10-24 22:17 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-24 22:12 - 2014-10-24 22:17 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-24 22:12 - 2014-10-24 22:17 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-24 22:12 - 2014-10-24 22:12 - 01049920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-10-24 22:12 - 2014-10-24 22:12 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-10-24 22:12 - 2014-10-24 22:12 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-10-24 22:12 - 2014-10-24 22:12 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-10-24 22:12 - 2014-10-24 22:12 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-10-24 22:12 - 2014-10-24 22:12 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-10-24 22:12 - 2014-10-24 22:12 - 00082768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-10-24 22:12 - 2014-10-24 22:12 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-10-24 22:12 - 2014-10-24 22:12 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-10-24 22:12 - 2014-10-24 22:12 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-10-24 22:12 - 2014-10-24 22:12 - 00000000 ____D () C:\Users\Admin\AppData\Local\Google
2014-10-24 22:12 - 2014-10-24 22:12 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-24 22:11 - 2014-10-24 22:11 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-24 22:10 - 2014-09-22 07:42 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-24 22:09 - 2014-10-24 22:11 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-24 22:03 - 2014-10-26 18:07 - 00000000 ____D () C:\Users\Standardbenutzer\Desktop\Neuer Ordner
2014-10-23 11:24 - 2014-10-23 11:24 - 01376768 _____ () C:\Users\Standardbenutzer\Downloads\7z920-x64.msi
2014-10-22 16:07 - 2014-10-22 16:07 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-10-19 18:23 - 2014-10-19 18:25 - 177856928 _____ (Oracle Corporation) C:\Users\Standardbenutzer\Downloads\jdk-8u25-windows-x64.exe
2014-10-19 18:13 - 2014-10-19 18:13 - 00000000 ____D () C:\Users\Standardbenutzer\Downloads\AdobeIllustrator16.0.5
2014-10-19 18:12 - 2014-10-19 18:12 - 16551003 _____ () C:\Users\Standardbenutzer\Downloads\AdobeIllustrator16.0.5.zip
2014-10-19 17:52 - 2014-10-19 18:29 - 00320936 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-19 17:52 - 2014-10-19 18:29 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-19 17:52 - 2014-10-19 18:29 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-19 17:52 - 2014-10-19 18:29 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-10-19 17:52 - 2014-10-19 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-19 17:48 - 2014-10-19 17:48 - 17882112 _____ (Secunia) C:\Users\Standardbenutzer\Downloads\AdobeAir_15.0.0.293_SPS.exe
2014-10-16 19:40 - 2014-10-16 19:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-10-16 17:52 - 2014-09-27 23:25 - 04183040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 17:51 - 2014-09-08 04:15 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-16 17:51 - 2014-09-08 02:46 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-16 17:51 - 2014-09-08 02:46 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-16 17:51 - 2014-09-08 01:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-16 17:51 - 2014-09-08 01:07 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-16 17:51 - 2014-09-08 01:05 - 03448320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-16 17:51 - 2014-09-08 01:04 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-10-16 17:51 - 2014-09-08 01:04 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-16 17:51 - 2014-09-08 01:03 - 01702400 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-16 17:51 - 2014-09-08 01:03 - 00839680 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-16 17:51 - 2014-09-08 00:59 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-10-16 17:51 - 2014-09-08 00:59 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-10-16 17:51 - 2014-09-08 00:56 - 00672256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-10-16 17:51 - 2014-09-08 00:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-10-16 17:51 - 2014-09-04 01:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-10-16 17:51 - 2014-09-04 00:57 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-10-16 17:51 - 2014-09-04 00:49 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-10-16 17:50 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 17:50 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 17:50 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 17:50 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 17:50 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 17:50 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 17:50 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 17:50 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 17:50 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 17:50 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 17:50 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 17:50 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 17:50 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 17:50 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 17:50 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 17:50 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 17:50 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 17:50 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 17:50 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 17:50 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 17:50 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 17:50 - 2014-09-19 01:42 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 17:50 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 17:50 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 17:50 - 2014-09-19 01:20 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 17:50 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 17:50 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 17:50 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 17:50 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 17:50 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 17:50 - 2014-09-13 07:29 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 17:50 - 2014-09-13 06:49 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 17:50 - 2014-09-04 01:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 17:50 - 2014-09-04 01:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 17:50 - 2014-08-16 05:08 - 21195616 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-10-16 17:50 - 2014-08-16 05:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-10-16 17:50 - 2014-08-16 05:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-10-16 17:50 - 2014-08-16 04:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-10-16 17:50 - 2014-08-16 04:57 - 02498880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-10-16 17:50 - 2014-08-16 04:57 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-10-16 17:50 - 2014-08-16 04:16 - 18722600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-10-16 17:50 - 2014-08-16 04:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-10-16 17:50 - 2014-08-16 04:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-10-16 17:50 - 2014-08-16 02:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-10-16 17:50 - 2014-08-16 02:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-10-16 17:50 - 2014-08-16 01:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-10-16 17:50 - 2014-08-16 01:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-10-16 17:50 - 2014-08-16 01:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-10-16 17:50 - 2014-08-16 01:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-10-16 17:50 - 2014-08-16 01:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-10-16 17:50 - 2014-08-16 01:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-10-16 17:50 - 2014-08-16 01:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-10-16 17:50 - 2014-08-16 01:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-10-16 17:50 - 2014-08-16 01:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 17:50 - 2014-08-16 01:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-10-16 17:50 - 2014-08-16 01:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-10-16 17:50 - 2014-08-16 01:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-10-16 17:50 - 2014-08-16 01:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 17:50 - 2014-08-16 01:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-10-16 17:50 - 2014-08-16 01:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-10-16 17:50 - 2014-08-16 01:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-10-16 17:50 - 2014-08-16 01:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 17:50 - 2014-08-16 01:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-10-16 17:50 - 2014-08-16 01:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-10-16 17:50 - 2014-08-16 01:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-10-16 17:50 - 2014-08-16 01:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-10-16 17:50 - 2014-08-16 01:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 17:50 - 2014-08-16 01:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-10-16 17:50 - 2014-08-01 00:22 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml
2014-10-16 17:49 - 2014-09-13 07:02 - 02779648 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 17:49 - 2014-09-13 06:30 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 17:49 - 2014-08-29 02:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-10-16 17:49 - 2014-08-29 00:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-10-16 17:49 - 2014-08-29 00:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-10-15 18:25 - 2014-10-15 18:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-28 17:55 - 2014-09-28 17:56 - 65741256 _____ (Adobe Systems Incorporated) C:\Users\Standardbenutzer\Downloads\ApplicationManager8.0_all(1).exe
2014-09-28 17:54 - 2014-09-28 17:54 - 69622519 _____ () C:\Users\Standardbenutzer\Downloads\ApplicationManager8.0_all.dmg
2014-09-28 14:33 - 2014-09-28 14:33 - 00001344 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-09-28 14:33 - 2014-09-28 14:33 - 00001332 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-09-28 14:05 - 2014-09-28 14:05 - 65741256 _____ (Adobe Systems Incorporated) C:\Users\Standardbenutzer\Downloads\ApplicationManager8.0_all.exe
2014-09-28 12:35 - 2014-09-28 12:35 - 00000000 ____D () C:\Users\Standardbenutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js
2014-09-28 12:35 - 2014-09-28 12:35 - 00000000 ____D () C:\Program Files\nodejs
2014-09-28 12:14 - 2014-09-28 12:14 - 00001100 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2014-09-28 12:03 - 2014-09-28 12:03 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-09-28 12:03 - 2014-09-28 12:03 - 00000000 ____D () C:\Windows\system32\NV
2014-09-28 11:59 - 2014-09-14 00:48 - 31887680 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 24552592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 20589536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 19954520 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 18106152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 14026304 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 13939272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 13157696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-09-28 11:59 - 2014-09-14 00:48 - 11392576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 11330776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 04287296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 04008592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 02838424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434411.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434411.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 00957584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 00925896 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 00919240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 00894096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 00501064 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 00417096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 00393024 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 00348304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-09-28 11:59 - 2014-09-14 00:48 - 00032576 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-09-28 11:53 - 2014-09-04 20:14 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-09-28 11:53 - 2014-09-04 20:14 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-09-28 11:51 - 2014-09-28 12:10 - 00000000 ____D () C:\Users\TEMP.MadCat

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-26 18:13 - 2013-10-13 05:59 - 01421378 _____ () C:\Windows\WindowsUpdate.log
2014-10-26 18:01 - 2013-11-07 20:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-26 18:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2014-10-26 16:48 - 2013-11-10 10:14 - 00000000 ____D () C:\Users\Standardbenutzer\AppData\Local\Adobe
2014-10-25 20:59 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-25 12:16 - 2013-09-07 07:13 - 00128188 _____ () C:\Windows\PFRO.log
2014-10-25 12:16 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-10-25 11:13 - 2013-11-07 20:32 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2749596473-3807292708-1484916309-1003
2014-10-25 10:42 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-10-24 22:09 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-10-24 22:08 - 2013-10-13 06:16 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-24 20:11 - 2013-11-16 17:49 - 00000000 ____D () C:\Program Files (x86)\phase5
2014-10-22 16:07 - 2013-08-22 15:46 - 00031711 _____ () C:\Windows\setupact.log
2014-10-19 18:36 - 2014-07-20 11:48 - 00000000 ____D () C:\Program Files\Java
2014-10-19 18:31 - 2013-11-07 20:10 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-19 18:28 - 2014-07-20 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-10-19 17:52 - 2014-06-19 18:42 - 00009491 _____ () C:\Windows\SecuniaPackage.log
2014-10-19 17:49 - 2013-11-07 20:27 - 00000000 ____D () C:\Users\Standardbenutzer\AppData\Roaming\Adobe
2014-10-19 17:49 - 2013-11-07 20:11 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-19 14:08 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-10-19 11:24 - 2013-11-14 18:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-19 11:20 - 2013-11-14 18:31 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-17 10:09 - 2013-08-22 15:44 - 04987256 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-17 10:07 - 2013-11-07 19:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-16 20:40 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2014-10-16 20:40 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore
2014-10-16 20:40 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-10-16 20:40 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\FileManager
2014-10-16 20:40 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Camera
2014-10-16 19:42 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-10-12 11:22 - 2013-09-06 22:25 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-12 11:22 - 2013-08-28 10:59 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-10-12 11:22 - 2013-08-28 10:59 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-10-02 10:29 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-29 23:45 - 2013-11-10 11:01 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-29 23:45 - 2013-11-10 11:01 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-28 17:59 - 2014-01-01 13:05 - 00000000 ____D () C:\Users\Standardbenutzer\Desktop\ZS
2014-09-28 14:32 - 2013-11-07 19:29 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-28 14:31 - 2014-08-19 11:42 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-09-28 12:03 - 2013-10-13 06:00 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-28 11:54 - 2013-10-13 05:59 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

Some content of TEMP:
====================
C:\Users\Standardbenutzer\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Standardbenutzer\AppData\Local\Temp\avgnt.exe
C:\Users\Standardbenutzer\AppData\Local\Temp\CreativeCloudSet-Up.exe
C:\Users\Standardbenutzer\AppData\Local\Temp\PrefJsonCpp.exe
C:\Users\Standardbenutzer\AppData\Local\Temp\sqlite3.exe
C:\Users\Standardbenutzer\AppData\Local\Temp\vlc-2.1.3-win64.exe
C:\Users\Standardbenutzer\AppData\Local\Temp\vlc-2.1.4-win64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-12 18:07

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2014
Ran by Admin at 2014-10-26 18:22:01
Running from C:\Users\Standardbenutzer\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.12 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)
Adobe CS6 Design and Web Premium (HKLM-x32\...\{402F6F2E-5683-491C-977D-0CA599A07CAF}) (Version: 6 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2014 (HKLM-x32\...\{766255CE-D156-11E3-8DBC-A136EB52ACCF}) (Version: 14.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\{AF82C1A9-56DC-4CCD-A36C-CAE56D541DFA}) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Professional CC 2014 (HKLM-x32\...\{AA704223-E11C-11E3-8A38-C09A633B72AF}) (Version: 14.0.1 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2014 (HKLM-x32\...\{CCDCB9C4-72BA-1014-A3F8-D123F2F18BC2}) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.8.1245.73583 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.8.1245.73583 - Alcor Micro Corp.) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
Any Video Converter 5.5.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2206 - AVAST Software)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
GIMP 2.8.8 (HKLM\...\GIMP-2_is1) (Version: 2.8.8 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3282 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM-x32\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Node.js (HKLM\...\{2FAE4331-AEA0-4A3D-B4B3-B1E78823BF1A}) (Version: 0.10.32 - Joyent, Inc. and other Node contributors)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Grafiktreiber 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 344.11 (Version: 344.11 - NVIDIA Corporation) Hidden
NVIDIA Update 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.300 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Secunia PSI (2.0.0.3003) (HKLM-x32\...\Secunia PSI) (Version:  - )
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
TOSHIBA Addendum (HKLM-x32\...\{CE0374A6-B204-4336-8293-63FBB1DADBF4}) (Version: 1.00 - TOSHIBA)
TOSHIBA Addendum (x32 Version: 1.00 - TOSHIBA) Hidden
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{84FA4D2D-4273-4C66-BD3D-ADD3FE48DFA2}) (Version: 1.1.5.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.344 - Toshiba Corporation)
TOSHIBA Password Utility (x32 Version: 3.00.344 - Toshiba Corporation) Hidden
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102 - Toshiba Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

05-10-2014 11:55:53 Geplanter Prüfpunkt
14-10-2014 09:06:11 Geplanter Prüfpunkt
18-10-2014 09:51:34 Windows Update
19-10-2014 17:27:23 Installed Java SE Development Kit 8 Update 25 (64-bit)
24-10-2014 21:10:22 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0F6A8444-3EEB-4E8E-A1FC-76DFB1118191} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2013-08-28] (TODO: <Company name>)
Task: {16E9FE0B-6357-4E59-8BA6-4EDBE137C7F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {26ABA022-87CE-4458-8C0E-17169E93DA16} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {35F509C2-F10D-48FA-83EC-E589C220435E} - System32\Tasks\AdobeAAMUpdater-1.0-MadCat-Standardbenutzer => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {41A33056-CE7F-4920-8688-EAA65D70FFDC} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {4457D36B-4D38-4AFB-9D45-0D38B752637A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {57FCBD2A-1CC0-4F1C-BBE1-4F13466E8F94} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {746BF8EE-3F9A-41B2-848A-20BD07C55FEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {78287AF2-1DD4-4FC8-BC12-69FA16166189} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8B287A89-B4F1-4AF7-8950-EB9AE5419472} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-10-19] (Microsoft Corporation)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {ABCD6CD8-A71F-4B7A-828A-818A1BE31458} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {C3E2E6A0-BFD9-4DFC-9E27-AA151D090345} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {C916B16B-79CC-4D74-BD1E-9399013B1DA8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-19] (Adobe Systems Incorporated)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6367CD2-7AB7-4D40-9460-507D9AC1B776} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-24] (AVAST Software)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F2DFDBE8-913A-4E1F-8DB8-3CF6FF497586} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-19] (Toshiba Europe GmbH)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-03-27 20:53 - 2013-03-27 20:53 - 00163168 _____ () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
2013-09-10 20:54 - 2013-09-10 20:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2014-10-24 22:12 - 2014-10-24 22:12 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-10-24 22:12 - 2014-10-24 22:12 - 05846160 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2013-10-13 05:59 - 2014-09-14 00:48 - 00013120 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-10-13 06:00 - 2014-09-13 22:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-07-16 10:06 - 2014-07-16 10:06 - 00672416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2012-07-19 02:38 - 2012-07-19 02:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2014-07-16 10:05 - 2014-07-16 10:05 - 05558432 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-10-25 18:24 - 2014-10-25 18:24 - 02897920 _____ () C:\Program Files\AVAST Software\Avast\defs\14102500\algo.dll
2014-10-24 22:12 - 2014-10-24 22:12 - 04491192 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-10-26 17:52 - 2014-10-26 17:52 - 02897920 _____ () C:\Program Files\AVAST Software\Avast\defs\14102501\algo.dll
2013-10-13 05:54 - 2013-09-04 00:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-11-21 17:08 - 2011-06-14 08:07 - 00036688 ____N () C:\Users\Standardbenutzer\AppData\Roaming\KaiJet\Wormhole KM Switch\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\OSW08.dll
2013-11-21 17:08 - 2011-04-28 08:50 - 00039760 ____N () C:\Users\Standardbenutzer\AppData\Roaming\KaiJet\Wormhole KM Switch\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\2208KM_HID.dll
2013-11-21 17:08 - 2014-09-28 12:16 - 00073728 ____N () C:\Users\Standardbenutzer\AppData\Roaming\KaiJet\Wormhole KM Switch\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\ProdLic.DLL
2014-09-04 13:51 - 2014-09-04 13:51 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu
2014-07-03 05:45 - 2014-07-03 05:45 - 32733056 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2014-10-24 22:12 - 2014-10-24 22:12 - 38561576 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-15 18:25 - 2014-10-15 18:25 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-11-19 17:47 - 2014-09-14 00:48 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Admin (S-1-5-21-2749596473-3807292708-1484916309-1002 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2749596473-3807292708-1484916309-500 - Administrator - Disabled)
Gast (S-1-5-21-2749596473-3807292708-1484916309-501 - Limited - Disabled)
Standardbenutzer (S-1-5-21-2749596473-3807292708-1484916309-1003 - Limited - Enabled) => C:\Users\Standardbenutzer

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/25/2014 07:48:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FRST64.exe, Version: 25.10.2014.0, Zeitstempel: 0x544b7088
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x000000000002b110
ID des fehlerhaften Prozesses: 0x1758
Startzeit der fehlerhaften Anwendung: 0xFRST64.exe0
Pfad der fehlerhaften Anwendung: FRST64.exe1
Pfad des fehlerhaften Moduls: FRST64.exe2
Berichtskennung: FRST64.exe3
Vollständiger Name des fehlerhaften Pakets: FRST64.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: FRST64.exe5

Error: (10/25/2014 07:46:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FRST64.exe, Version: 25.10.2014.0, Zeitstempel: 0x544b7088
Name des fehlerhaften Moduls: FRST64.exe, Version: 25.10.2014.0, Zeitstempel: 0x544b7088
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000247c9
ID des fehlerhaften Prozesses: 0x19d0
Startzeit der fehlerhaften Anwendung: 0xFRST64.exe0
Pfad der fehlerhaften Anwendung: FRST64.exe1
Pfad des fehlerhaften Moduls: FRST64.exe2
Berichtskennung: FRST64.exe3
Vollständiger Name des fehlerhaften Pakets: FRST64.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: FRST64.exe5

Error: (10/25/2014 01:12:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (10/25/2014 01:01:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (10/19/2014 06:31:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000052f0b
ID des fehlerhaften Prozesses: 0x1e0
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (10/19/2014 06:17:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Illustrator.exe, Version: 16.0.5.691, Zeitstempel: 0x530c8d44
Name des fehlerhaften Moduls: Illustrator CS6\Illustrator.exe!??0?$basic_string@EU?$char_trai, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000139
Fehleroffset: 0x00000000000ec0b4
ID des fehlerhaften Prozesses: 0x1b70
Startzeit der fehlerhaften Anwendung: 0xIllustrator.exe0
Pfad der fehlerhaften Anwendung: Illustrator.exe1
Pfad des fehlerhaften Moduls: Illustrator.exe2
Berichtskennung: Illustrator.exe3
Vollständiger Name des fehlerhaften Pakets: Illustrator.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Illustrator.exe5

Error: (10/19/2014 06:15:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Illustrator.exe, Version: 16.0.5.691, Zeitstempel: 0x530c8d44
Name des fehlerhaften Moduls: tor16.0.5\win64\Illustrator.exe!??0?$basic_string@EU?$char_trai, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000139
Fehleroffset: 0x00000000000ec0b4
ID des fehlerhaften Prozesses: 0x534
Startzeit der fehlerhaften Anwendung: 0xIllustrator.exe0
Pfad der fehlerhaften Anwendung: Illustrator.exe1
Pfad des fehlerhaften Moduls: Illustrator.exe2
Berichtskennung: Illustrator.exe3
Vollständiger Name des fehlerhaften Pakets: Illustrator.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Illustrator.exe5

Error: (10/19/2014 06:13:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Illustrator.exe, Version: 16.0.5.691, Zeitstempel: 0x530c8d44
Name des fehlerhaften Moduls: tor16.0.5\win64\Illustrator.exe!??0?$basic_string@EU?$char_trai, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000139
Fehleroffset: 0x00000000000ec0b4
ID des fehlerhaften Prozesses: 0x80c
Startzeit der fehlerhaften Anwendung: 0xIllustrator.exe0
Pfad der fehlerhaften Anwendung: Illustrator.exe1
Pfad des fehlerhaften Moduls: Illustrator.exe2
Berichtskennung: Illustrator.exe3
Vollständiger Name des fehlerhaften Pakets: Illustrator.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Illustrator.exe5

Error: (10/19/2014 00:48:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (10/19/2014 00:47:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.


System errors:
=============
Error: (10/26/2014 05:59:27 PM) (Source: DCOM) (EventID: 10010) (User: MadCat)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (10/25/2014 00:17:56 PM) (Source: DCOM) (EventID: 10016) (User: MadCat)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MadCatStandardbenutzerS-1-5-21-2749596473-3807292708-1484916309-1003LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/25/2014 00:17:56 PM) (Source: DCOM) (EventID: 10016) (User: MadCat)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MadCatStandardbenutzerS-1-5-21-2749596473-3807292708-1484916309-1003LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/25/2014 00:17:56 PM) (Source: DCOM) (EventID: 10016) (User: MadCat)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MadCatStandardbenutzerS-1-5-21-2749596473-3807292708-1484916309-1003LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/25/2014 00:17:56 PM) (Source: DCOM) (EventID: 10016) (User: MadCat)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MadCatStandardbenutzerS-1-5-21-2749596473-3807292708-1484916309-1003LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/25/2014 00:17:56 PM) (Source: DCOM) (EventID: 10016) (User: MadCat)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MadCatStandardbenutzerS-1-5-21-2749596473-3807292708-1484916309-1003LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/25/2014 00:17:56 PM) (Source: DCOM) (EventID: 10016) (User: MadCat)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MadCatStandardbenutzerS-1-5-21-2749596473-3807292708-1484916309-1003LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/25/2014 00:15:08 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (10/25/2014 00:13:08 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (10/25/2014 00:11:08 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5


Microsoft Office Sessions:
=========================
Error: (10/25/2014 07:48:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRST64.exe25.10.2014.0544b7088ntdll.dll6.3.9600.1727853eebd22c00000fd000000000002b110175801cff08409ef55deC:\Users\Standardbenutzer\Desktop\FRST64.exeC:\Windows\SYSTEM32\ntdll.dll75e478ad-5c77-11e4-82ee-a4db306824c5

Error: (10/25/2014 07:46:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRST64.exe25.10.2014.0544b7088FRST64.exe25.10.2014.0544b7088c000000500000000000247c919d001cff083ea405bffC:\Users\Standardbenutzer\Desktop\FRST64.exeC:\Users\Standardbenutzer\Desktop\FRST64.exe3b47314b-5c77-11e4-82ee-a4db306824c5

Error: (10/25/2014 01:12:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe

Error: (10/25/2014 01:01:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe

Error: (10/19/2014 06:31:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.3.9600.1727853eebd22c00000050000000000052f0b1e001cfebc27f89b605C:\Program Files\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dllc068fba4-57b5-11e4-82ec-a4db306824c5

Error: (10/19/2014 06:17:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Illustrator.exe16.0.5.691530c8d44Illustrator CS6\Illustrator.exe!??0?$basic_string@EU?$char_trai6.3.9600.1727853eebd22c000013900000000000ec0b41b7001cfebc07e8964b8C:\Program Files (x86)\Adobe\Adobe Illustrator CS6\Illustrator.exeIllustrator CS6\Illustrator.exebcd6bb67-57b3-11e4-82ec-a4db306824c5

Error: (10/19/2014 06:15:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Illustrator.exe16.0.5.691530c8d44tor16.0.5\win64\Illustrator.exe!??0?$basic_string@EU?$char_trai6.3.9600.1727853eebd22c000013900000000000ec0b453401cfebc05333b2d2C:\Users\Standardbenutzer\Downloads\AdobeIllustrator16.0.5\AdobeIllustrator16.0.5\win64\Illustrator.exetor16.0.5\win64\Illustrator.exe9317d317-57b3-11e4-82ec-a4db306824c5

Error: (10/19/2014 06:13:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Illustrator.exe16.0.5.691530c8d44tor16.0.5\win64\Illustrator.exe!??0?$basic_string@EU?$char_trai6.3.9600.1727853eebd22c000013900000000000ec0b480c01cfebc007c178a8C:\Users\Standardbenutzer\Downloads\AdobeIllustrator16.0.5\AdobeIllustrator16.0.5\win64\Illustrator.exetor16.0.5\win64\Illustrator.exe48b199fa-57b3-11e4-82ec-a4db306824c5

Error: (10/19/2014 00:48:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestc:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe

Error: (10/19/2014 00:47:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Percentage of memory in use: 26%
Total physical RAM: 12199.96 MB
Available physical RAM: 9027.81 MB
Total Pagefile: 14055.96 MB
Available Pagefile: 10901.11 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: (TI31204300A) (Fixed) (Total:920.2 GB) (Free:841.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

deeprybka · 26.10.2014, 18:35

Prima. Wenn es sonst keine Probleme mehr gibt sind wir fertig.

Cleanup:

Alle Logs gepostet? Ja! Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

>>clean<<
Wir haben es geschafft!

Die Logs sehen für mich im Moment sauber aus.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.

Wie kann ich mich in Zukunft besser schützen?

Tipps, Dos & Don'ts

Updates & Software

Beim Betriebsystem Windows die automatischen Updates aktivieren.

Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:
Browser
Java
Flash-Player & PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.

Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Firewall, Antivirus & Co.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.
Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. (Updatefunktion aktivieren!)
Meine Empfehlungen:
Kaspersky Antivirus
Emsisoft Anti-Malware
avast Free Antivirus
Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Cracks, Downloads & Co.

Neben unbemerkten Drive-by Installationen wird Malware aber auch oft mehr oder weniger aktiv vom Benutzer selbst installiert.
Der Besuch dubioser Websites kann bereits Risiken bergen. Auch wenn der Virenscanner im Moment darin keine Bedrohung erkennt, muss das nichts bedeuten.
Illegale Cracks, Keygens und Serials sind ein ausgesprochen einfacher und beliebter Weg um Malware zu verbreiten.
Bei Dateien aus Peer-to-Peer- und Filesharingprogrammen oder von Filehostern kann man nie sicher sein, ob auch wirklich drin ist, was drauf steht. (Trojanisches Pferd^^)

Auch virustotal.com ist Dein Freund! Lade dubiose oder unbekannte Dateien hoch, bevor Du diese startest oder installierst.

Oft wird auch versucht, den Benutzer mit mehr oder weniger trickreichen Methoden zu verleiten, eine für ihn verhängnisvolle Handlung selbst auszuführen (Überbegriff Social Engineering).

Surfe daher mit Vorsicht und klicke mit Verstand.
Sei skeptisch bei unerwarteten E-Mails, insbesondere wenn sie Anhänge enthalten. Auch wenn sie auf den ersten Blick authentisch wirken, persönliche Daten von Dir enthalten oder vermeintlich von einem bekannten Absender stammen: Lieber nochmals in Ruhe überdenken oder nachfragen, anstatt einfach mal Links oder ausführbare Anhänge öffnen oder irgendwo Deine Daten eingeben.
Auch in sozialen Netzwerken oder über Instant Messaging Systeme können schädliche Links oder Dateien die Runde machen. Erhältst Du von einem Deiner Freunde eine Nachricht, die merkwürdig ist oder so sensationell interessant, dass man einfach draufklicken muss, dann hat bei ihm/ihr wahrscheinlich Neugier über Verstand gesiegt und Du solltest nicht denselben Fehler machen.

Nervige Adware (Werbung) und unnötige Toolbars werden auch meist durch den Benutzer selbst mitinstalliert.

Lade Software in erster Priorität immer direkt vom Hersteller herunter. Viele Softwareportale (z.B. Softonic) packen noch unnützes Zeug mit in die Installation. Alternativ dazu wähle ein sauberes Portal wie Filepony oder heise.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:

Erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

DK85B · 26.10.2014, 19:01

Was ist mit meinem Laptop los!!!!!!!!???

Der Bildschirm ist schwarz und es geht nichts mehr.

Ich Habe delfix installiert und gestartet und nun ist ncihts mehr.

Hilfe!!! Bitte

Sorry aber irgendetwas hat gerade ganz und gar nicht gestimmt. Nach dem ich mich im Admin konto eingelogt habe und dann wieder in den Standard ist alles wieder da, aber normal finde ich das nicht.

deeprybka · 26.10.2014, 19:07

? Äh es steht doch dabei was DelFix macht. Es werden z.B. alte Wiederherstellungspunkte gelöscht und die Tools.
Nach einem Reboot sollte alles OK sein.

DK85B · 26.10.2014, 19:11

Ja aber ich hatte gerade richtig schiß gehabt weil es sich gar nichts gerührt hatte.

Sorry hatte voreillig gepostet und panik gehabt.

Dennoch vielen danke für deine Hilfe

25.10.2014, 18:43	#4
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Malware Fund von Maleware Antimalwarebytes Probier das mal bitte: http://www.bleepingcomputer.com/down...ery-scan-tool/ __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

25.10.2014, 19:07	#6
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Malware Fund von Maleware Antimalwarebytes schalte das ding mal ab und probiere es dann... __________________ --> Malware Fund von Maleware Antimalwarebytes

25.10.2014, 20:54	#10
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Malware Fund von Maleware Antimalwarebytes Abbrechen und mit Schritt 2 und 3 fortfahren. (BTW: Unsere Tools brauchen immer Admin-Rechte! ) __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Malware Fund von Maleware Antimalwarebytes

Log-Analyse und Auswertung: Malware Fund von Maleware Antimalwarebytes