Everything about Windows: Laptop WinVista very slow
10.11.2014, 13:09 | #1 |
| Problem: Laptop WinVista very slow

Hello everyone,

for a few days now I have had the problem that my laptop starts extremely slowly, and once it has finally managed to start, you can't do much with it, e.g. open programs, surf the Internet, etc. In addition, after about 5 minutes the fan keeps revving up and down. In Task Manager the load is always relatively high (70-100%), but I have not been able to identify the cause. Can anyone tell me how to get my laptop back under control?

My system data:
ASUS X70ABseries
4GB RAM
AMD Athlon X2 DualCore QL-65 2,1 GHz
WinVista Home Premium 32-bit

I wanted to look at the processor temperature with Core Temp and noticed that it only shows me 1 core. Is it possible that one of them is broken?

Regards, Kilkan4

Attachment: -Hijackthis -Photo of Core Temp

Last edited by Kilkan (10.11.2014 at 13:40) |
10.11.2014, 13:42 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Laptop WinVista very slow Instructions / Help

Hello and

Do you have any other logs (with detections)? Malwarebytes and/or other virus scanners: have they ever found anything? I am asking because of this => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; for now, just post the logs that already exist, in CODE tags! Only logs from the last 7 days, or from the time since the problem started, are relevant!

In addition, please also create a log with Farbar's tool:

Scan with Farbar's Recovery Scan Tool (FRST)

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)

Reading material: Posting in CODE tags

Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs are too large for a single post, I ask you to post the logs directly and, if necessary, spread across several posts. To put the log files into a CODE box, proceed as follows:
10.11.2014, 13:59 | #3 |
| Laptop WinVista very slow Details

FRST Logfile:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-11-2014 01 Ran by Mikejana (administrator) on MIKEBÜRO on 10-11-2014 13:48:53 Running from C:\Users\Mikejana\Downloads Loaded Profiles: Mikejana & NeroMediaHomeUser.4 (Available profiles: Mikejana & NeroMediaHomeUser.4) Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe () C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Program Files\ATKGFNEX\GFNEXSrv.exe (Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE (DATA BECKER GmbH & Co KG) C:\Program Files\Common Files\DATA BECKER Shared\DBService.exe () C:\Users\Mikejana\AppData\Roaming\Host System\host.exe () C:\ProgramData\DatacardService\HWDeviceService.exe () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe (Nero AG) C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe (SRS Labs, Inc.) 
C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe (TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe (TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe (ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ATK) C:\Program Files\P4G\BatteryLife.exe () C:\Program Files\ASUS\ASUS Live Update\ALU.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe () C:\Program Files\ASUS\Wireless Console 3\wcourier.exe (ATK) C:\Program Files\ASUS\Splendid\ACMON.exe (ASUSTeK) C:\Windows\System32\ACEngSvr.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\FaxApplications.exe (CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\WDC.exe (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe (VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (AlcorMicro Co., Ltd.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (SRS Labs, Inc.) 
C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Bytemobile, Inc.) C:\Program Files\Vodafone\Vodafone Mobile Connect\Optimization Client\bmctl.exe () C:\Users\Mikejana\Downloads\CoreTemp_106 (1)\CoreTemp32\Core Temp.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\conime.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.) HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [104936 2008-07-19] (CyberLink) HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-04] (CyberLink Corp.) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-08-30] (Advanced Micro Devices, Inc.) HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [494976 2009-05-08] (ELAN Microelectronic Corp.) HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1392640 2009-04-30] (VIA) HKLM\...\Run: [AmIcoSinglun] => C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [237568 2009-04-03] (AlcorMicro Co., Ltd.) HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [98304 2009-04-02] (ASUS) HKLM\...\Run: [ATKOSD2] => C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [8392704 2009-03-04] (ASUS) HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMedia.exe [159744 2009-03-27] (ASUS) HKLM\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3054136 2009-08-29] (ASUS) HKLM\...\Run: [ASUS Camera ScreenSaver] => C:\Windows\AsScrProlog.exe [47672 2009-08-29] () HKLM\...\Run: [ACMON] => C:\Program Files\ASUS\Splendid\ACMON.exe [851968 2008-10-01] (ATK) HKLM\...\Run: [ADSMTray] => C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [272952 2009-05-18] (ASUSTek Computer Inc.) 
HKLM\...\Run: [MobileConnect] => C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2403840 2009-09-11] (Vodafone) HKLM\...\Run: [] => [X] HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\Run: [SRS Premium Sound] => C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe [3417336 2009-05-28] (SRS Labs, Inc.) HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-29] (Google Inc.) HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\Run: [Nero MediaHome 4] => C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-29] (Nero AG) HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.) 
HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd) HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\MountPoints2: {9581843f-90d9-11df-b0d9-90e6ba1862da} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\MountPoints2: {95818446-90d9-11df-b0d9-001e101fb9b7} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\MountPoints2: {ed468226-de69-11e3-a562-90e6ba1862da} - F:\AutoRun.exe HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\MountPoints2: {ed468234-de69-11e3-a562-90e6ba1862da} - H:\AutoRun.exe HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\MountPoints2: {f5796471-933f-11df-b1a6-001e101f19f4} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1561598099-2071657461-1572641555-1001\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter Lsa: [Notification Packages] scecli C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{A9FEB6D7-9C52-49FC-B956-7AB275B78890}\_5598CE641C54B66A23693F.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) 
Startup: C:\Users\Mikejana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Mikejana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ShellIconOverlayIdentifiers: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll () ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://web.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS URLSearchHook: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) 
SearchScopes: HKLM - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS_deDE384 SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS_deDE384 BHO: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) 
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: No Name -> {269D0B18-45D0-46D0-A644-2D60D928BC7F} -> C:\Users\Mikejana\AppData\LocalLow\Internet Explorer BHO\bho.dll () BHO: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\16.8.3.6\coIEPlg.dll (Symantec Corporation) BHO: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\16.8.3.6\IPSBHO.DLL (Symantec Corporation) BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) 
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\coIEPlg.dll (Symantec Corporation) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\coIEPlg.dll (Symantec Corporation) Winsock: Catalog9 01 bmnet.dll File Not found () Winsock: Catalog9 02 bmnet.dll File Not found () Winsock: Catalog9 03 bmnet.dll File Not found () Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.) 
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF user.js: detected! 
=> C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\user.js FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: No Name - C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\2766e15f58d04887a1e82c7d6e3b@ac00a7ac7e9047c683f498.com [2014-11-06] FF Extension: Cliqz Beta - C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\cliqz@cliqz.com [2014-11-09] FF Extension: No Name - C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\faststartff@gmail.com [2014-11-06] FF Extension: Foxy-Secure v7 - C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\fox@foxy.sec.com [2014-09-22] FF Extension: SparPilot - Gutscheine & mehr... 
- C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\sparpilot@sparpilot.com [2014-09-29] FF Extension: WEB.DE MailCheck - C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\toolbar@web.de [2014-11-06] FF Extension: video addon plus - C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\{8f6ce89b-9a9b-4c82-953c-241c8d007283}.xpi [2014-09-26] FF Extension: {a3bb453d-44bc-4839-b40e-5a7e44865f3f} - C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\{a3bb453d-44bc-4839-b40e-5a7e44865f3f}.xpi [2014-09-22] FF Extension: Adblock Plus - C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-14] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-06-19] FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn [2011-10-14] FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\Vodafone\Vodafone Mobile Connect\Optimization Client\addon FF Extension: Bytemobile Optimization Client - C:\Program Files\Vodafone\Vodafone Mobile Connect\Optimization Client\addon [2010-07-18] FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-06-21] Chrome: ======= CHR HomePage: Default -> 
hxxp://www.google.de/ CHR StartupUrls: Default -> "hxxp://www.google.de/" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File CHR Plugin: (Harmony Firefox Plugin) - C:\Program Files\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.) CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll No File CHR Profile: C:\Users\Mikejana\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mikejana\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-22] CHR Extension: (Amazon) - C:\Users\Mikejana\AppData\Local\Google\Chrome\User Data\Default\Extensions\caeaobpemokdfnidgaebncaooofnbfha [2014-09-22] CHR Extension: (Google Wallet) - C:\Users\Mikejana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03] CHR HKLM\...\Chrome\Extension: [caeaobpemokdfnidgaebncaooofnbfha] - C:\Users\Mikejana\ChromeExtensions\caeaobpemokdfnidgaebncaooofnbfha\amazon-icon-fwde.crx [2014-09-22] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ADSMService; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [File not signed] R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [100920 2008-08-14] () R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed] R2 DBService; C:\Program Files\Common Files\DATA BECKER Shared\DBService.exe [187456 2009-01-08] (DATA BECKER GmbH & Co KG) [File not signed] R2 HostService; C:\Users\Mikejana\AppData\Roaming\Host System\host.exe [536576 2014-07-23] () [File not signed] R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) 
[File not signed] R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed] R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [660992 2009-05-21] (Hewlett-Packard Co.) [File not signed] R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [276048 2013-04-10] () S2 Mobile Partner. RunOuc; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [656976 2013-05-21] () R2 NeroMediaHomeService.4; C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2010-10-29] (Nero AG) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed] R2 Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe [117648 2011-09-22] (Symantec Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed] R2 SRS_VolSync_Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [107744 2009-05-28] (SRS Labs, Inc.) R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1731896 2014-01-28] (TuneUp Software) R2 VMCService; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-11] (Vodafone) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH) R0 ahcix86s; C:\Windows\System32\DRIVERS\ahcix86s.sys [183312 2008-10-03] (Advanced Micro Devices, Inc) R0 AsDsm; C:\Windows\system32\Drivers\AsDsm.sys [30264 2009-08-29] (ASUSTek Computer Inc) R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] () R1 BHDrvx86; C:\Windows\System32\Drivers\NIS\1008030.006\BHDrvx86.sys [259632 2010-01-20] (Symantec Corporation) U0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [22528 2008-10-09] (Bytemobile, Inc.) [File not signed] R1 ccHP; C:\Windows\System32\Drivers\NIS\1008030.006\ccHPx86.sys [467592 2011-10-11] (Symantec Corporation) R3 CRFILTER; C:\Windows\System32\DRIVERS\CRFILTER.sys [6656 2008-03-07] (Generic) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-09-15] (DT Soft Ltd) R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [378672 2014-08-27] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [111408 2014-08-27] (Symantec Corporation) R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [94208 2009-05-08] (ELAN Microelectronic Corp.) S3 hwusb_cdcacm; C:\Windows\System32\DRIVERS\ew_cdcacm.sys [108032 2013-08-22] (Huawei Technologies Co., Ltd.) S3 hwusb_cdcecm; C:\Windows\System32\DRIVERS\ew_cdcecm.sys [116352 2013-07-25] (Huawei Technologies Co., Ltd.) R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20141107.001\IDSvix86.sys [476888 2014-08-23] (Symantec Corporation) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [13880 2008-11-03] ( ) R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [48128 2008-12-16] (Atheros Communications, Inc.) 
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [14392 2008-12-24] (ATK0100) R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20141109.023\NAVENG.SYS [95704 2014-11-09] (Symantec Corporation) R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20141109.023\NAVEX15.SYS [1636696 2014-11-09] (Symantec Corporation) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1753984 2008-11-04] () R3 SRS_PremiumSound_Service; C:\Windows\System32\drivers\srs_PremiumSound_i386.sys [233512 2009-05-18] () R3 SRTSP; C:\Windows\System32\Drivers\NIS\1008030.006\SRTSP.SYS [308272 2010-01-20] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NIS\1008030.006\SRTSPX.SYS [43696 2010-01-20] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\NIS\1008030.006\SYMEFA.SYS [310320 2010-01-20] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [124976 2010-07-12] (Symantec Corporation) R3 SYMFW; C:\Windows\System32\Drivers\NIS\1008030.006\SYMFW.SYS [89976 2011-09-22] (Symantec Corporation) R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [25648 2010-01-20] (Symantec Corporation) R3 SYMNDISV; C:\Windows\System32\Drivers\NIS\1008030.006\SYMNDISV.SYS [48760 2011-09-22] (Symantec Corporation) R1 SYMTDI; C:\Windows\System32\Drivers\NIS\1008030.006\SYMTDI.SYS [217464 2011-09-22] (Symantec Corporation) R1 tcpipBM; C:\Windows\system32\Drivers\tcpipBM.sys [18816 2008-10-09] (Bytemobile, Inc.) [File not signed] R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software) R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1019392 2009-04-28] (VIA Technologies, Inc.) 
R3 ALSysIO; \??\C:\Users\Mikejana\AppData\Local\Temp\ALSysIO.sys [X] S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S3 SYMDNS; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SYMDNS.SYS [X] S3 SYMREDRV; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS [X] U2 wuaserv; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-10 13:48 - 2014-11-10 13:49 - 00030704 _____ () C:\Users\Mikejana\Downloads\FRST.txt 2014-11-10 13:48 - 2014-11-10 13:49 - 00000000 ____D () C:\FRST 2014-11-10 13:47 - 2014-11-10 13:48 - 01107968 _____ (Farbar) C:\Users\Mikejana\Downloads\FRST.exe 2014-11-10 13:42 - 2014-11-10 13:42 - 00014072 _____ () C:\Users\Mikejana\Downloads\hijackthis (1).log 2014-11-10 13:24 - 2014-11-10 13:24 - 00000000 ____D () C:\Users\Mikejana\Downloads\CoreTemp_106 (1) 2014-11-10 13:23 - 2014-11-10 13:23 - 00734473 _____ () C:\Users\Mikejana\Downloads\CoreTemp_106 (1).zip 2014-11-10 13:13 - 2014-11-10 13:17 - 00014072 _____ () C:\Users\Mikejana\Downloads\hijackthis.log 2014-11-10 13:11 - 2014-11-10 13:11 - 00388608 _____ (Trend Micro Inc.) C:\Users\Mikejana\Downloads\HiJackThis204 (1).exe 2014-11-10 13:10 - 2014-11-10 13:11 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\Mikejana\Downloads\HiJackThis204.exe 2014-11-10 12:58 - 2014-11-10 12:58 - 00734473 _____ () C:\Users\Mikejana\Downloads\CoreTemp_106.zip 2014-11-09 21:46 - 2014-11-09 22:00 - 00000680 _____ () C:\Users\Mikejana\AppData\Local\d3d9caps.dat 2014-11-09 20:39 - 2014-11-09 20:39 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-11-09 20:39 - 2014-11-09 20:39 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-11-09 20:38 - 2014-11-09 20:38 - 00000000 ____D () C:\Users\Mikejana\AppData\Roaming\Cliqz 2014-11-09 20:38 - 2014-11-09 20:38 - 00000000 ____D () C:\Program Files\CHIP Updater 2014-11-09 20:32 - 2014-11-09 20:32 - 00000000 ____D () C:\Users\Mikejana\Downloads\TL-WN821N_V4_Utility 2014-11-09 20:31 - 2014-11-09 20:32 - 23718037 _____ () C:\Users\Mikejana\Downloads\TL-WN821N_V4_Utility.zip 2014-11-09 20:29 - 2014-11-09 20:29 - 00000000 ____D () C:\ProgramData\TP-LINK 2014-11-09 20:28 - 2014-11-09 20:28 - 10124457 _____ () C:\Users\Mikejana\Downloads\TL-WN821N_V4_130702.zip 2014-11-06 13:44 - 2014-11-09 21:10 - 00000000 ____D () C:\Program Files\HQ Pro Video 1.6V06.11 2014-11-06 13:44 - 2014-11-06 13:44 - 00000000 ____D () C:\Users\Mikejana\AppData\Local\globalUpdate 2014-11-06 13:44 - 2014-11-06 13:44 - 00000000 ____D () C:\Program Files\globalUpdate 2014-11-06 13:43 - 2014-11-09 21:25 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect 2014-11-06 13:43 - 2014-11-09 21:10 - 00000000 ____D () C:\Program Files\SupTab 2014-11-06 13:42 - 2014-11-09 21:10 - 00000000 ____D () C:\Users\Mikejana\AppData\Roaming\LookThisUp 2014-11-06 13:42 - 2014-11-09 21:10 - 00000000 ____D () C:\Program Files\CloudGuard 2014-10-16 02:36 - 2014-06-15 23:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-16 02:36 - 2014-06-13 19:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-16 02:36 - 2014-06-13 19:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-16 02:32 
- 2014-09-28 00:29 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-10-16 02:07 - 2014-09-05 00:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys 2014-10-16 02:03 - 2014-09-16 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-15 15:43 - 2014-09-19 23:53 - 12364288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-10-15 15:43 - 2014-09-19 23:44 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-10-15 15:43 - 2014-09-19 23:41 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-10-15 15:43 - 2014-09-19 23:39 - 01138688 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-15 15:43 - 2014-09-19 23:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-15 15:43 - 2014-09-19 23:37 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-10-15 15:43 - 2014-09-19 23:36 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-10-15 15:43 - 2014-09-19 23:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-10-15 15:43 - 2014-09-19 23:36 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-10-15 15:43 - 2014-09-19 23:35 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-10-15 15:43 - 2014-09-19 23:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-10-15 15:43 - 2014-09-19 23:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-15 15:43 - 2014-09-19 23:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-10-15 15:43 - 2014-09-19 23:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-10-15 15:43 - 2014-09-19 23:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-10-15 15:43 - 2014-09-19 23:34 - 00353792 
_____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-15 15:43 - 2014-09-19 23:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-15 15:43 - 2014-09-19 23:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-15 15:43 - 2014-09-19 23:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-10-15 15:43 - 2014-09-19 23:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-10-15 15:43 - 2014-09-19 23:33 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-10 13:45 - 2010-06-14 14:30 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-10 13:38 - 2014-05-07 18:51 - 00000430 _____ () C:\Windows\Tasks\FaxArchive_CN32MBQJ0R05RQ.job 2014-11-10 13:22 - 2013-01-05 20:18 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-10 13:09 - 2009-08-29 09:22 - 01570842 _____ () C:\Windows\WindowsUpdate.log 2014-11-10 13:08 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-10 13:08 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-10 13:06 - 2009-08-29 10:51 - 00000000 ___HD () C:\ASUS.DAT 2014-11-10 13:05 - 2010-06-14 14:30 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-10 13:01 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-10 12:40 - 2006-11-02 14:01 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-11-10 12:32 - 2009-08-29 10:54 - 00045056 _____ () C:\Windows\system32\acovcnt.exe 2014-11-09 22:21 - 2006-11-02 11:33 - 01575104 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-09 22:15 - 
2010-06-12 15:54 - 00101600 _____ () C:\Users\Mikejana\AppData\Local\GDIPFONTCACHEV1.DAT 2014-11-09 22:13 - 2010-06-12 15:54 - 00000000 ____D () C:\Users\Mikejana 2014-11-09 22:11 - 2013-05-12 16:39 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-11-09 22:10 - 2011-09-11 10:17 - 00000000 ____D () C:\Users\NeroMediaHomeUser.4 2014-11-09 22:10 - 2006-11-02 11:22 - 55574528 _____ () C:\Windows\system32\config\software_previous 2014-11-09 22:10 - 2006-11-02 11:22 - 48758784 _____ () C:\Windows\system32\config\components_previous 2014-11-09 22:10 - 2006-11-02 11:22 - 20447232 _____ () C:\Windows\system32\config\system_previous 2014-11-09 22:10 - 2006-11-02 11:22 - 00524288 _____ () C:\Windows\system32\config\default_previous 2014-11-09 22:10 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\security_previous 2014-11-09 22:10 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous 2014-11-09 22:09 - 2014-09-22 03:20 - 00000000 ____D () C:\Users\Mikejana\AppData\Roaming\Host System 2014-11-09 22:09 - 2014-09-19 12:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-11-09 22:09 - 2014-01-11 17:33 - 00000000 ____D () C:\Users\Mikejana\Desktop\Matrobau 14.1 2014-11-09 22:09 - 2012-12-21 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-11-09 22:09 - 2010-06-13 14:54 - 00000000 ____D () C:\Users\Mikejana\AppData\Roaming\DATA BECKER Shared 2014-11-09 22:09 - 2010-06-13 10:11 - 00000000 ____D () C:\Users\Mikejana\AppData\Roaming\ProtectDisc 2014-11-09 22:09 - 2010-06-13 10:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DATA BECKER 2014-11-09 22:09 - 2010-06-13 10:09 - 00000000 ____D () C:\Program Files\Common Files\DATA BECKER Shared 2014-11-09 22:09 - 2010-06-13 10:08 - 00000000 ____D () C:\Program Files\Common Files\Software FX Shared 2014-11-09 22:09 - 2010-06-13 10:08 - 00000000 ____D () C:\Program Files\Common 
Files\Rechnungsdruckerei 2014-11-09 22:09 - 2010-06-12 15:54 - 00000000 ___RD () C:\Users\Mikejana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-11-09 22:09 - 2010-06-12 15:54 - 00000000 ___RD () C:\Users\Mikejana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-11-09 22:09 - 2009-08-29 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility 2014-11-09 22:09 - 2009-08-29 10:47 - 00000000 ____D () C:\ProgramData\P4G 2014-11-09 22:09 - 2009-08-29 10:46 - 00000000 ____D () C:\Program Files\ASUS 2014-11-09 22:09 - 2009-08-29 09:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 2014-11-09 22:09 - 2009-08-29 09:56 - 00000000 ____D () C:\Program Files\Google 2014-11-09 22:09 - 2009-08-29 09:56 - 00000000 ____D () C:\Program Files\Common Files\PX Storage Engine 2014-11-09 22:09 - 2009-08-29 09:51 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-11-09 22:09 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\spool 2014-11-09 22:09 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\Msdtc 2014-11-09 22:09 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\registration 2014-11-09 21:55 - 2011-10-01 11:28 - 00000000 ____D () C:\Windows\Minidump 2014-11-09 21:18 - 2012-12-21 19:49 - 03514328 _____ () C:\Windows\PFRO.log 2014-11-06 13:42 - 2012-12-22 15:57 - 00012914 _____ () C:\Windows\IE9_main.log 2014-10-27 17:11 - 2013-09-02 18:18 - 00000000 ____D () C:\Users\Mikejana\AppData\Roaming\HpUpdate 2014-10-16 03:29 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache 2014-10-16 03:24 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-10-16 03:07 - 2006-11-02 13:47 - 00375192 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-16 02:38 - 2009-08-29 09:32 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-10-16 02:31 - 2013-08-15 16:06 - 00000000 ____D () C:\Windows\system32\MRT 2014-10-16 02:08 - 
2006-11-02 11:24 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-10-15 17:09 - 2014-09-22 03:20 - 00000000 ____D () C:\Users\Mikejana\AppData\Roaming\Security Systems

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-10 13:11

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-11-2014 01
Ran by Mikejana at 2014-11-10 13:50:29
Running from C:\Users\Mikejana\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
4500_G510nz_Help (Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz (Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz_Software_Min (Version: 000.0.423.000 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 10 ActiveX (HKLM\...\{922E8525-AC7E-4294-ACAA-43712D4423C0}) (Version: 10.0.22.87 - Adobe Systems, Inc.)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader 9.0.1 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A90100000001}) (Version: 9.0.1 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden
AMD USB Audio Driver Filter (HKLM\...\{A3AB35FA-943E-4799-99DC-46EFD59E998F}) (Version: 1.0.7.0031 - Advanced Micro Devices, Inc.)
AmIcoSingLun (HKLM\...\InstallShield_{BF91B300-EEBC-4223-96F3-0FCBF7241B50}) (Version: 1.2.117.2 - Alcor Micro Co., Ltd.)
AmIcoSingLun (Version: 1.2.117.2 - Alcor Micro Co., Ltd.) Hidden ASUS AI Recovery (HKLM\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.3 - ASUS) ASUS Data Security Manager (HKLM\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0012 - ASUS) ASUS FancyStart (HKLM\...\{A9FEB6D7-9C52-49FC-B956-7AB275B78890}) (Version: 1.0.4 - ASUSTeK Computer Inc.) ASUS LifeFrame3 (HKLM\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS) ASUS Live Update (HKLM\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.7 - ASUS) ASUS MultiFrame (HKLM\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0018 - ) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.13 - ASUS) ASUS SmartLogon (HKLM\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0006 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0025 - ASUS) ASUS Virtual Camera (HKLM\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.15 - asus) Asus_Camera_ScreenSaver (HKLM\...\Asus_Camera_ScreenSaver) (Version: 2.0.0008 - ASUS) Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.5 - Atheros Communications Inc.) ATI Catalyst Install Manager (HKLM\...\{29798FD0-33BB-2275-EB4A-7042CEFCD5F2}) (Version: 3.0.704.0 - ATI Technologies, Inc.) 
ATK Generic Function Service (HKLM\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK) ATK Hotkey (HKLM\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0050 - ASUS) ATK Media (HKLM\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0003 - ASUS) ATKOSD2 (HKLM\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0003 - ASUS) Bing Bar (HKLM\...\{16D0F2D2-242C-4885-BEF1-4B1655C141AE}) (Version: 7.0.822.0 - Microsoft Corporation) BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden ccc-core-static (Version: 2008.1204.1654.30284 - ATI) Hidden CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform) Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden Cisco EAP-FAST Module (HKLM\...\{9BFD5911-93E3-42BB-BFCD-50E4BA5B8D67}) (Version: 2.2.10 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM\...\{99A4344A-C723-4661-A507-D9D939480358}) (Version: 1.0.16 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM\...\{CD344FA5-6657-47CD-940F-8727EED35595}) (Version: 1.1.3 - Cisco Systems, Inc.) CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1720 - CyberLink Corp.) CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.2713 - CyberLink Corp.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd) DATA BECKER Rechnungsdruckerei 2010 (HKLM\...\Rechnungsdruckerei 2010_is1) (Version: 1.0 - DATA BECKER GmbH & Co. KG) Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden DocMgr (Version: 130.0.000.000 - Ihr Firmenname) Hidden DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden ETDWare PS/2-x86 7.0.5.4_WHQL (HKLM\...\Elantech) (Version: - ) Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) 
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Officejet 4500 G510n-z (HKLM\...\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}) (Version: 13.0 - HP) HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{7D1EFB03-7D84-446E-8B90-6ECD7EDF4D55}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet 6700 Hilfe (HKLM\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard) HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Junk Mail filter update (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Logitech Harmony Remote Software (HKLM\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 1.0.110307 - Logitech) MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden Mein Büro (HKLM\...\{11CF3ABC-DFB0-47DE-B31F-71CB995A12D7}_is1) (Version: 14.0 - Buhl Data Service GmbH) Mein CEWE FOTOBUCH (HKLM\...\Mein CEWE FOTOBUCH) (Version: 5.0.1 - CEWE COLOR AG u Co. 
OHG) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.3 (HKLM\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM\...\{95120000-0120-0407-0000-0000000FF1CE}) (Version: 12.0.6414.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 
(HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mobile Partner (HKLM\...\Mobile Partner) (Version: 23.012.05.00.382 - Huawei Technologies Co.,Ltd) Mozilla Firefox 32.0.2 (x86 de) (HKLM\...\Mozilla Firefox 32.0.2 (x86 de)) (Version: 32.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Multimedia Card Reader (HKLM\...\USB Mass Storage Filter Driver) (Version: 1.02.0000.00 - Alcor Micro, Corp.) Multimedia Card Reader (Version: 1.02.0000.00 - Alcor Micro, Corp.) Hidden Nero MediaHome 4 Essentials (HKLM\...\{42ea9e70-c140-462d-b1c8-2e725c740168}) (Version: - Nero AG) Network (Version: 130.0.374.000 - Hewlett-Packard) Hidden Norton Internet Security (HKLM\...\NIS) (Version: 16.8.3.6 - Symantec Corporation) Norton Internet Security (Version: 16.0.0.125 - Symantec Corporation) Hidden OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.1 - Google, Inc.) Platform (Version: 1.34 - VIA Technologies, Inc.) 
Hidden ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) Skins (Version: 2008.1204.1654.30284 - ATI) Hidden SmartWebPrinting (Version: 130.0.373.000 - Hewlett-Packard) Hidden SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden SRS Premium Sound (HKLM\...\{4B6B024F-F6D4-4A7B-8ADA-F9F8370320CC}) (Version: 1.09.1400 - Ihr Firmenname) Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden Studie zur Verbesserung von HP Officejet 6700 Produkten (HKLM\...\{1012904D-3F7E-44A6-B425-5AF21272BECE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden TuneUp Utilities 2013 (HKLM\...\TuneUp Utilities 2013) (Version: 13.0.4000.245 - TuneUp Software) TuneUp Utilities 2013 (Version: 13.0.4000.245 - TuneUp Software) Hidden TuneUp Utilities Language Pack (de-DE) (Version: 13.0.4000.245 - TuneUp Software) Hidden USB 2.0 UVC 1.3M WebCam (HKLM\...\USB 2.0 UVC 1.3M WebCam) (Version: - ) VIA Platform Device Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) 
Vodafone Mobile Connect Lite (HKLM\...\{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}) (Version: 9.4.3.17550 - Vodafone) WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows Live Anmelde-Assistent (HKLM\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation) Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation) Windows Live Sync (HKLM\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation) Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) WinFlash (HKLM\...\{DE10AB76-4756-4913-BE25-55D1C1051F9A}) (Version: - ) Wireless Console 3 (HKLM\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.8 - ASUS) Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version: - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{0AF398C8-E8E1-cd28-1f07-257cf82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{0CD1A340-7FAB-be4f-0df0-9beef82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{0E7589F8-3F4A-edae-285b-d2bcf82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{109D12C4-4EB6-4aa7-afd9-7b46f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{17A833B2-F647-15db-74ad-e12ef82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{2EE319C4-8593-5add-3f3a-0471f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{3801CA43-C9A5-1c43-25a8-ef18f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{3A952499-3A8C-75e8-742a-1f85f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{4735E322-568B-a85a-6647-9d59f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{4C735EC7-E94E-5bd0-c1d9-facff82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{4C756328-2F47-52c9-85d3-82f8f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{4CC24160-A50F-c26a-e013-9356f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{65027E39-AEAF-b56a-ab45-2c1ef82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{6E38DC65-4180-03e6-872a-1023f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{71B4EE53-E932-fff0-5b50-30d4f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{8A291A46-46B3-ead5-8b70-5361f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{8E932745-E80C-1824-ccfe-bf72f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{AACA9EA2-6F92-4cb1-ee03-0e21f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{F6D87F96-D010-7a21-8de2-13b0f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{F78FB21B-A447-b845-89f1-06cef82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{FDECAF97-6F7B-7ba2-74ce-0294f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) ==================== Restore Points ========================= 08-10-2014 17:37:21 Geplanter Prüfpunkt 09-10-2014 18:46:35 Geplanter Prüfpunkt 12-10-2014 10:29:53 Geplanter Prüfpunkt 14-10-2014 04:05:56 Geplanter Prüfpunkt 15-10-2014 15:40:59 Geplanter Prüfpunkt 16-10-2014 01:01:39 Windows Update 17-10-2014 13:46:17 Geplanter Prüfpunkt 28-10-2014 04:50:55 Geplanter Prüfpunkt 28-10-2014 23:00:01 Geplanter Prüfpunkt 30-10-2014 16:36:55 Geplanter Prüfpunkt 31-10-2014 11:29:46 Geplanter Prüfpunkt 01-11-2014 08:59:07 Geplanter Prüfpunkt 02-11-2014 10:10:04 Geplanter Prüfpunkt 03-11-2014 08:36:17 Geplanter Prüfpunkt 04-11-2014 06:01:15 Geplanter Prüfpunkt 06-11-2014 09:40:17 Geplanter Prüfpunkt 09-11-2014 13:06:34 Removed WinFlash 09-11-2014 19:52:34 Removed Bing Bar ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {06711FA8-AF18-43FA-BD3C-858EF5F3EF14} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files\ASUS\SmartLogon\sensorsrv.exe [2008-12-09] (ASUS) Task: {16007833-E0E4-4A73-8FEE-7AF323FB1233} - System32\Tasks\HP AR Program Upload - 09b165b3dc7448afac457c65e2830cb0fd30486f5dd04e969929f608c67e9267 => C:\Program Files\HP\HP Officejet 6700\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>) Task: {20314812-7D1C-4DFF-B915-C82D90857792} - System32\Tasks\HP AR Program Upload - 6644ea8aa0f845a0886764c7bbad05aa641483edcd024f5d83c822bde154d0e6 => C:\Program Files\HP\HP Officejet 6700\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>) Task: {4C929E54-5000-43E2-9F25-83FFFB482202} - System32\Tasks\HP AR Program Upload - ab48080949fd476390b01fe659be85074b3b827bcf5f4f889f52695111ea90bd => C:\Program Files\HP\HP Officejet 6700\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>) Task: {527E59A0-BAB9-4F94-AD25-8BBAFD55BDDC} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe [2010-06-25] (Adobe Systems Incorporated) Task: {722723F4-452A-4E68-8C6F-17D0DEB3681F} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2011-10-28] (Hewlett-Packard) Task: {8201D707-2343-4E7A-8993-661F88D499F2} - System32\Tasks\ASUS P4G => C:\Program files\P4G\BatteryLife.exe [2009-04-02] (ATK) Task: {9516E311-2D1C-47FC-87EB-A0B3E17B34B6} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Mikejana => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation) Task: {ACA40D5B-A11D-4CD9-8D40-5ACEAEEBABA4} - System32\Tasks\FaxArchive_CN32MBQJ0R05RQ => C:\Program Files\HP\HP Officejet 6700\Bin\FaxApplications.exe [2012-10-17] (Hewlett-Packard Co.) 
Task: {B6003777-D0FD-4072-95A4-98C4A23C307F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {C48C5EAC-E2EF-41B4-A545-D46AB530DE54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {CE857E80-1F4D-4E55-A205-EF2A7B1AB56E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {CF9B5261-7D6F-44E8-A609-3CAF2C8A597C} - System32\Tasks\HPCustParticipation HP Officejet 6700 => C:\Program Files\HP\HP Officejet 6700\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {D30ADA17-4BE3-4495-9E20-04A075223563} - System32\Tasks\HP AR Program Upload - 4be71aa8bbde45429425dccbe8febc6526e74182ab2b47d5ba7cdac24ce10a9a => C:\Program Files\HP\HP Officejet 6700\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {D63CAF26-5E3B-43C1-A330-1FBE3ED43C90} - System32\Tasks\ASUS Live Update => C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {F04DC4C6-ED77-4B0B-9075-E9FF7390298A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {FC8C9369-2692-4851-BBE3-25C159A50043} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2013\OneClick.exe [2014-01-28] (TuneUp Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FaxArchive_CN32MBQJ0R05RQ.job => C:\Program Files\HP\HP Officejet 6700\Bin\FaxApplications.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\User_Feed_Synchronization-{BD12D63F-BFD6-4957-8912-4E28E11FEF0C}.job => C:\Windows\system32\msfeedssync.exe ==================== Loaded Modules (whitelisted) ============= 2008-08-14 04:59 - 2008-08-14 04:59 - 00100920 _____ () C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe 2009-08-29 10:47 - 2007-08-08 08:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe 2014-09-22 03:20 - 2014-07-23 13:16 - 00536576 _____ () C:\Users\Mikejana\AppData\Roaming\Host System\host.exe 2014-09-22 03:20 - 2014-09-22 03:20 - 00374272 _____ () C:\Users\Mikejana\AppData\Roaming\Host System\sub\default.dll 2013-04-10 06:58 - 2013-04-10 06:58 - 00276048 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe 2014-06-07 14:31 - 2013-05-21 08:28 - 00656976 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe 2014-06-07 14:31 - 2009-01-10 19:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll 2014-06-07 14:31 - 2009-06-23 03:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll 2014-06-07 14:31 - 2012-10-31 10:11 - 02417152 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll 2014-06-07 14:31 - 2012-10-31 10:14 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll 2014-06-07 14:31 - 2013-05-21 08:20 - 00839680 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll 2014-06-07 14:31 - 2012-10-31 10:11 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll 2010-06-19 05:52 - 2009-04-11 
07:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll 2014-01-28 09:37 - 2014-01-28 09:37 - 00607032 _____ () C:\Program Files\TuneUp Utilities 2013\avgreplibx.dll 2007-06-15 18:28 - 2007-06-15 18:28 - 00147456 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll 2007-06-02 01:08 - 2007-06-02 01:08 - 00143360 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll 2014-09-22 03:20 - 2014-07-23 12:45 - 02243072 _____ () C:\Users\Mikejana\AppData\LocalLow\Internet Explorer BHO\bho.dll 2008-12-04 07:35 - 2008-12-04 07:35 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll 2008-08-20 23:49 - 2008-08-20 23:49 - 00016384 _____ () C:\Program files\P4G\DevMng.dll 2009-02-04 17:44 - 2009-02-04 17:44 - 00023040 _____ () C:\Program files\P4G\OvrClk.dll 2009-08-29 10:47 - 2007-03-10 00:16 - 00106496 _____ () C:\Program Files\ATKGFNEX\AGFNEX.dll 2009-08-29 10:50 - 2007-11-30 19:20 - 00051768 _____ () C:\Program Files\ASUS\ASUS Live Update\ALU.exe 2009-04-18 00:04 - 2009-04-18 00:04 - 01593344 _____ () C:\Program Files\ASUS\Wireless Console 3\wcourier.exe 2008-10-01 07:02 - 2008-10-01 07:02 - 00009216 _____ () C:\Program Files\ASUS\Splendid\GLCDdll.dll 2008-08-28 00:32 - 2008-08-28 00:32 - 00619816 _____ () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll 2008-06-09 17:55 - 2008-06-09 17:55 - 00013096 _____ () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll 2009-08-29 10:41 - 2008-03-17 10:49 - 00069632 _____ () C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll 2009-08-29 10:41 - 2009-04-02 02:26 - 00102400 _____ () C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll 2009-08-29 10:41 - 2008-02-14 06:56 - 00094208 _____ () C:\Program Files\VIA\VIAudioi\VDeck\VMicApi.dll 2009-08-29 10:41 - 2009-04-30 08:23 - 47607808 _____ () C:\Program Files\VIA\VIAudioi\VDeck\Skin.dll 2009-08-29 10:12 - 2009-08-29 10:12 - 00014848 _____ () 
C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll 2013-10-08 13:22 - 2014-11-10 13:24 - 00794272 _____ () C:\Users\Mikejana\Downloads\CoreTemp_106 (1)\CoreTemp32\Core Temp.exe 2009-04-20 23:57 - 2009-04-20 23:57 - 00225280 _____ () C:\Program Files\asus\VirtualCamera\virtualCamera.ax 2014-10-28 04:13 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll 2014-10-28 04:13 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys => ""="FSFilter Activity Monitor" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SymEFA.sys => ""="FSFilter Activity Monitor" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
MSCONFIG\startupreg: Nero MediaHome 4 => "C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-1561598099-2071657461-1572641555-500 - Administrator - Disabled)
Gast (S-1-5-21-1561598099-2071657461-1572641555-501 - Limited - Disabled)
Mikejana (S-1-5-21-1561598099-2071657461-1572641555-1000 - Administrator - Enabled) => C:\Users\Mikejana
NeroMediaHomeUser.4 (S-1-5-21-1561598099-2071657461-1572641555-1001 - Limited - Enabled) => C:\Users\NeroMediaHomeUser.4

==================== Faulty Device Manager Devices =============

Name: Officejet 4500 G510n-z
Description: Officejet 4500 G510n-z
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Hewlett-Packard
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet 4500 G510n-z
Description: Officejet 4500 G510n-z
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet 6700
Description: Officejet 6700
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: ========================= Application errors: ================== Error: (11/10/2014 01:26:54 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\MIKEJANA\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\ZH3423LS\P[1].GIF> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (11/10/2014 01:26:54 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\MIKEJANA\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\ZH3423LS\AFR[1].HTM> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (11/10/2014 01:26:29 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\MIKEJANA\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\H4J14IX4\LG[1].GIF> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (11/10/2014 01:26:20 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\MIKEJANA\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\H4J14IX4\MPV[1].GIF> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (11/10/2014 01:26:20 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\MIKEJANA\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\ZH3423LS\MPV[1].GIF> in der Hash-Zuordnung kann nicht aktualisiert werden. 
Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (11/10/2014 01:24:12 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\MIKEJANA\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\ZH3423LS\ACTIVEVIEW[1].GIF> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (11/10/2014 01:24:11 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\MIKEJANA\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\5W7321LJ\LG[1].GIF> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (11/10/2014 01:21:48 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\MIKEJANA\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\ZH3423LS\ERROR[1]> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (11/10/2014 01:21:48 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\MIKEJANA\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\ZH3423LS\ERROR[1]> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. 
(0x8007001f) Error: (11/10/2014 01:21:47 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\MIKEJANA\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\ZH3423LS\WARNING[1]> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) System errors: ============= Error: (12/07/2010 02:36:03 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 06.12.2010 um 20:49:51 unerwartet heruntergefahren. Error: (12/06/2010 07:27:07 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{D13E5146-9567-40A9-BDA8-1239718DA2-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (12/06/2010 07:26:39 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT) Description: 0x80070032 Error: (12/06/2010 07:26:02 PM) (Source: HTTP) (EventID: 15016) (User: ) Description: \Device\Http\ReqQueueKerberos Error: (12/06/2010 07:25:59 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 05.12.2010 um 20:28:23 unerwartet heruntergefahren. Error: (12/05/2010 03:16:02 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{D13E5146-9567-40A9-BDA8-1239718DA2-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. 
Error: (12/05/2010 00:08:12 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{D13E5146-9567-40A9-BDA8-1239718DA2-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (12/03/2010 02:44:19 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{D13E5146-9567-40A9-BDA8-1239718DA2-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (12/03/2010 02:32:18 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{D13E5146-9567-40A9-BDA8-1239718DA2-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (12/03/2010 02:22:37 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT) Description: 0x80070032 Microsoft Office Sessions: ========================= Error: (11/10/2014 01:26:54 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\MIKEJANA\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\ZH3423LS\P[1].GIF Error: (11/10/2014 01:26:54 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. 
(0x8007001f) C:\USERS\MIKEJANA\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\ZH3423LS\AFR[1].HTM Error: (11/10/2014 01:26:29 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\MIKEJANA\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\H4J14IX4\LG[1].GIF Error: (11/10/2014 01:26:20 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\MIKEJANA\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\H4J14IX4\MPV[1].GIF Error: (11/10/2014 01:26:20 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\MIKEJANA\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\ZH3423LS\MPV[1].GIF Error: (11/10/2014 01:24:12 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\MIKEJANA\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\ZH3423LS\ACTIVEVIEW[1].GIF Error: (11/10/2014 01:24:11 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. 
(0x8007001f) C:\USERS\MIKEJANA\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\5W7321LJ\LG[1].GIF Error: (11/10/2014 01:21:48 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\MIKEJANA\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\ZH3423LS\ERROR[1] Error: (11/10/2014 01:21:48 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\MIKEJANA\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\ZH3423LS\ERROR[1] Error: (11/10/2014 01:21:47 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\MIKEJANA\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\ZH3423LS\WARNING[1] CodeIntegrity Errors: =================================== Date: 2014-11-10 13:49:46.131 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-11-10 13:49:44.525 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-11-10 13:49:43.248 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-11-10 13:49:42.106 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-11-09 21:58:21.844 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-11-09 21:58:21.173 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-11-09 21:58:20.455 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-11-09 21:58:19.722 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-11-09 21:58:08.989 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-11-09 21:58:08.303 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info ===========================

Processor: AMD Athlon(tm) X2 Dual-Core QL-65
Percentage of memory in use: 55%
Total physical RAM: 3326.46 MB
Available physical RAM: 1488.57 MB
Total Pagefile: 6847.43 MB
Available Pagefile: 4994.5 MB
Total Virtual: 2047.88 MB
Available Virtual: 1878.43 MB

==================== Drives ================================

Drive c: (VistaOS) (Fixed) (Total:232.88 GB) (Free:137.7 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:221.16 GB) (Free:221.12 GB) NTFS
Drive f: (INTENSO) (Removable) (Total:3.71 GB) (Free:1.55 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 97646C29)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=1C)
Partition 2: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=221.2 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.

==================== End Of Log ============================

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 10.11.2014
Suchlauf-Zeit: 14:09:38
Logdatei: malware.txt
Administrator: Nein

Version: 2.00.3.1025
Malware Datenbank: v2014.11.10.04
Rootkit Datenbank: v2014.11.08.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x86
Dateisystem: NTFS
Benutzer: Mikejana

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 343980
Verstrichene Zeit: 20 Min, 55 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.Softonic.A, HKU\S-1-5-21-1561598099-2071657461-1572641555-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [b4685bdf9edee452e8fa3623b94af20e],

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 82
PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com, , [97854ded7903ad89c5a161b5c340a858],
PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome, , [97854ded7903ad89c5a161b5c340a858],
PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\content, , [97854ded7903ad89c5a161b5c340a858],
PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\content\include, , [97854ded7903ad89c5a161b5c340a858],
PUP.Optional.FastStart.A,
C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\content\include\tools, , [97854ded7903ad89c5a161b5c340a858], PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\content\js, , [97854ded7903ad89c5a161b5c340a858], PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\content\js\lib, , [97854ded7903ad89c5a161b5c340a858], PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\content\js\module, , [97854ded7903ad89c5a161b5c340a858], PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\content\js\pack, , [97854ded7903ad89c5a161b5c340a858], PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\locale, , [97854ded7903ad89c5a161b5c340a858], PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\locale\en, , [97854ded7903ad89c5a161b5c340a858], PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\locale\en-US, , [97854ded7903ad89c5a161b5c340a858], PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\locale\es, , [97854ded7903ad89c5a161b5c340a858], PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\locale\es-419, , [97854ded7903ad89c5a161b5c340a858], PUP.Optional.FastStart.A, 
C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\locale\fr, , [97854ded7903ad89c5a161b5c340a858], PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\locale\fr-BE, , [97854ded7903ad89c5a161b5c340a858], PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\locale\fr-CA, , [97854ded7903ad89c5a161b5c340a858], PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\locale\fr-CH, , [97854ded7903ad89c5a161b5c340a858], PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\locale\fr-LU, , [97854ded7903ad89c5a161b5c340a858], PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\locale\it, , [97854ded7903ad89c5a161b5c340a858], PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\locale\it-CH, , [97854ded7903ad89c5a161b5c340a858], PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\locale\pl, , [97854ded7903ad89c5a161b5c340a858], PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\locale\pt-BR, , [97854ded7903ad89c5a161b5c340a858], PUP.Optional.FastStart.A, C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\faststartff@gmail.com\chrome\locale\ru, , [97854ded7903ad89c5a161b5c340a858], PUP.Optional.FastStart.A, 
Edited by Kilkan (10.11.2014 at 14:39) |
10.11.2014, 14:06 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Laptop WinVista very slow
Why is there only a 32-bit Windows on it? For this machine that is fairly suboptimal, since it has 4 GiB of RAM and a 64-bit CPU. With this 32-bit Vista installation you cannot use your RAM fully, see => Total physical RAM: 3326.46 MB
So your 32-bit Vista manages only a little more than 3 GiB; a good quarter of your memory is sitting unused. Apart from that, I would keep my hands off Norton Internet Security and TuneUp. Uninstall both and observe.
__________________ Please always post log files in CODE tags |
10.11.2014, 14:42 | #5 |
| Laptop WinVista very slow
I've attached the malware log as well. What is wrong with these programs? What would you recommend as an alternative? I kept an eye on the temperature over the last hour and it was always at least 90°C; that isn't normal, is it? And from 92°C the fan gets louder, hence the constant up and down, I think. Is it worth installing Win7 64-bit on it?
Edited by Kilkan (10.11.2014 at 14:52) |
10.11.2014, 14:47 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Laptop WinVista very slow
TuneUp is risky nonsense. A great many people seeking help here have already "optimized" their system to death with this supposed miracle tool; you get a sound system by setting it up sensibly, not by cluttering it up haphazardly and then running some optimizations with snake oil... And Norton has really always been known as a resource hog; newer versions may have improved, but I would not recommend the Norton virus scanner, and certainly not a snake-oil Internet Security suite. How old is the notebook? Check whether your ventilation slots are clogged with dust or the like. If so, clean them immediately! |
10.11.2014, 14:55 | #7 |
| Laptop WinVista very slow
I don't quite get the snake oil part? ;-P The notebook is about 5 years old. Would it be worth installing Win7 64-bit? I had already cleaned the fan slots beforehand, so they are OK. |
10.11.2014, 15:09 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Laptop WinVista very slow
Win7 64-bit would certainly be worth it. Or an alternative 64-bit OS such as Xubuntu or Lubuntu. It doesn't always have to be Windows. Can you see which process is hogging the CPU? |
10.11.2014, 15:24 | #9 |
| Laptop WinVista very slow
Unfortunately I just can't work it out. In Task Manager --> Processes --> Show processes from all users --> I sorted by CPU, and only a few processes show up, and they don't use much --> see screenshot |
10.11.2014, 15:27 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Laptop WinVista very slow [solved]
But the CPU load there is only at 59%... |
10.11.2014, 15:29 | #11 |
| Laptop WinVista very slow [solved]
Demo effect... right now it is staying at 50-70%.... but then why is the temperature so high? |
10.11.2014, 15:31 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Laptop WinVista very slow [solved]
I can't tell you that from a distance either. Let's knock the junkware off your machine:
Remove adware/junkware/toolbars (delete old versions of adwCleaner and, if present, JRT beforehand, then download them again to the desktop!)
Step 1: adwCleaner
Please download AdwCleaner to your desktop.
Step 2: JRT - Junkware Removal Tool
Please close your security software to avoid possible conflicts.
Step 3: Fresh log with FRST
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
10.11.2014, 16:38 | #13 |
| Laptop WinVista very slow [solved]
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.3.7 (11.08.2014:1) OS: Windows Vista (TM) Home Premium x86 Ran by Mikejana on 10.11.2014 at 16:28:29,23 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} ~~~ Files ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 10.11.2014 at 16:31:59,55 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
ATTFilter # AdwCleaner v4.101 - Bericht erstellt am 10/11/2014 um 16:48:31 # Aktualisiert 09/11/2014 von Xplode # Database : 2014-11-07.1 [Live] # Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits) # Benutzername : Mikejana - MIKEBÜRO # Gestartet von : C:\Users\Mikejana\Downloads\AdwCleaner_4.101.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\faststartff@gmail.com Ordner Gelöscht : C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\sparpilot@sparpilot.com Datei Gelöscht : C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\user.js ***** [ Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7697BC38-D0FA-454B-AC75-968B4CCABFCE} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Schlüssel Gelöscht : HKCU\Software\Softonic Schlüssel Gelöscht : HKLM\SOFTWARE\systweak Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sweetkiss.me ***** [ Browser ] ***** -\\ Internet Explorer v9.0.8112.16584 -\\ 
Mozilla Firefox v -\\ Google Chrome v38.0.2125.111 [C:\Users\Mikejana\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1415277753&from=tugs&uid=395049983_2101041_E4EDAFAB&q={searchTerms} [C:\Users\Mikejana\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1415277753&from=tugs&uid=395049983_2101041_E4EDAFAB&q={searchTerms} [C:\Users\Mikejana\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1415277753&from=tugs&uid=395049983_2101041_E4EDAFAB&q={searchTerms} [C:\Users\Mikejana\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1415277753&from=tugs&uid=395049983_2101041_E4EDAFAB&q={searchTerms} ************************* AdwCleaner[R0].txt - [2956 octets] - [10/11/2014 16:01:58] AdwCleaner[R1].txt - [3412 octets] - [10/11/2014 16:05:45] AdwCleaner[R2].txt - [3531 octets] - [10/11/2014 16:21:42] AdwCleaner[R3].txt - [3510 octets] - [10/11/2014 16:39:32] AdwCleaner[S0].txt - [955 octets] - [10/11/2014 16:04:19] AdwCleaner[S1].txt - [408 octets] - [10/11/2014 16:08:33] AdwCleaner[S2].txt - [408 octets] - [10/11/2014 16:23:59] AdwCleaner[S3].txt - [3431 octets] - [10/11/2014 16:48:31] ########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [3491 octets] ########## FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-11-2014 01 Ran by Mikejana (administrator) on MIKEBÜRO on 10-11-2014 16:57:04 Running from c:\Users\Mikejana\Downloads Loaded Profile: Mikejana (Available profiles: Mikejana & NeroMediaHomeUser.4) Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe () C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Corporation) C:\Windows\System32\lpksetup.exe (DATA BECKER GmbH & Co KG) C:\Program Files\Common Files\DATA BECKER Shared\DBService.exe () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe (SRS Labs, Inc.) 
C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe (TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe (Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe (ATK) C:\Program Files\P4G\BatteryLife.exe () C:\Program Files\ASUS\ASUS Live Update\ALU.exe () C:\Program Files\ASUS\Wireless Console 3\wcourier.exe (ATK) C:\Program Files\ASUS\Splendid\ACMON.exe (ASUSTeK) C:\Windows\System32\ACEngSvr.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\FaxApplications.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\WDC.exe (TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe (Microsoft Corporation) C:\Windows\System32\mobsync.exe (CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe (VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (AlcorMicro Co., Ltd.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS) C:\Windows\AsScrPro.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Advanced Micro Devices Inc.) 
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.) HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [104936 2008-07-19] (CyberLink) HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-04] (CyberLink Corp.) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-08-30] (Advanced Micro Devices, Inc.) 
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [494976 2009-05-08] (ELAN Microelectronic Corp.) HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1392640 2009-04-30] (VIA) HKLM\...\Run: [AmIcoSinglun] => C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [237568 2009-04-03] (AlcorMicro Co., Ltd.) HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [98304 2009-04-02] (ASUS) HKLM\...\Run: [ATKOSD2] => C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [8392704 2009-03-04] (ASUS) HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMedia.exe [159744 2009-03-27] (ASUS) HKLM\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3054136 2009-08-29] (ASUS) HKLM\...\Run: [ACMON] => C:\Program Files\ASUS\Splendid\ACMON.exe [851968 2008-10-01] (ATK) HKLM\...\Run: [ADSMTray] => C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [272952 2009-05-18] (ASUSTek Computer Inc.) HKLM\...\Run: [MobileConnect] => C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2403840 2009-09-11] (Vodafone) HKLM\...\Run: [] => [X] HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\Run: [SRS Premium Sound] => C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe [3417336 2009-05-28] (SRS Labs, Inc.) HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.) 
HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\MountPoints2: {9581843f-90d9-11df-b0d9-90e6ba1862da} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\MountPoints2: {95818446-90d9-11df-b0d9-001e101fb9b7} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\MountPoints2: {ed468226-de69-11e3-a562-90e6ba1862da} - F:\AutoRun.exe HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\MountPoints2: {ed468234-de69-11e3-a562-90e6ba1862da} - H:\AutoRun.exe HKU\S-1-5-21-1561598099-2071657461-1572641555-1000\...\MountPoints2: {f5796471-933f-11df-b1a6-001e101f19f4} - F:\setup_vmc_lite.exe /checkApplicationPresence Lsa: [Notification Packages] scecli C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\Users\Mikejana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Mikejana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.) 
ShellIconOverlayIdentifiers: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll () ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://web.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS SearchScopes: HKLM - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS_deDE384 SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS_deDE384 BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web 
Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: No Name -> {269D0B18-45D0-46D0-A644-2D60D928BC7F} -> C:\Users\Mikejana\AppData\LocalLow\INTERN~1\bho.dll No File BHO: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\16.8.3.6\coIEPlg.dll (Symantec Corporation) BHO: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\16.8.3.6\IPSBHO.DLL (Symantec Corporation) BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) 
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\coIEPlg.dll (Symantec Corporation) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\coIEPlg.dll (Symantec Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Extension: No Name - C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\2766e15f58d04887a1e82c7d6e3b@ac00a7ac7e9047c683f498.com [2014-11-06] FF Extension: Cliqz Beta - C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\cliqz@cliqz.com [2014-11-09] FF Extension: Foxy-Secure v7 - C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\fox@foxy.sec.com [2014-09-22] FF Extension: WEB.DE MailCheck - C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\toolbar@web.de [2014-11-06] FF Extension: video addon plus - C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\{8f6ce89b-9a9b-4c82-953c-241c8d007283}.xpi [2014-09-26] FF Extension: {a3bb453d-44bc-4839-b40e-5a7e44865f3f} - C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\{a3bb453d-44bc-4839-b40e-5a7e44865f3f}.xpi [2014-09-22] FF Extension: Adblock Plus - C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-14] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation 
Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-06-19] FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn [2011-10-14] FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\Vodafone\Vodafone Mobile Connect\Optimization Client\addon FF Extension: Bytemobile Optimization Client - C:\Program Files\Vodafone\Vodafone Mobile Connect\Optimization Client\addon [2010-07-18] FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-06-21] FF Extension: No Name - C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\sparpilot@sparpilot.com [Not Found] FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] Chrome: ======= CHR HomePage: Default -> hxxp://www.google.de/ CHR StartupUrls: Default -> "hxxp://www.google.de/" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program 
Files\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File CHR Plugin: (Harmony Firefox Plugin) - C:\Program Files\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.) CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
CHR Profile: C:\Users\Mikejana\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mikejana\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-22]
CHR Extension: (Amazon) - C:\Users\Mikejana\AppData\Local\Google\Chrome\User Data\Default\Extensions\caeaobpemokdfnidgaebncaooofnbfha [2014-09-22]
CHR Extension: (Google Wallet) - C:\Users\Mikejana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR HKLM\...\Chrome\Extension: [caeaobpemokdfnidgaebncaooofnbfha] - C:\Users\Mikejana\ChromeExtensions\caeaobpemokdfnidgaebncaooofnbfha\amazon-icon-fwde.crx [2014-09-22]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ADSMService; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [File not signed]
R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [100920 2008-08-14] ()
S4 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 DBService; C:\Program Files\Common Files\DATA BECKER Shared\DBService.exe [187456 2009-01-08] (DATA BECKER GmbH & Co KG) [File not signed]
S4 HostService; C:\Users\Mikejana\AppData\Roaming\Host System\host.exe [536576 2014-07-23] () [File not signed]
S4 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [660992 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S4 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [276048 2013-04-10] ()
S4 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S2 Mobile Partner. RunOuc; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [656976 2013-05-21] ()
S4 NeroMediaHomeService.4; C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2010-10-29] (Nero AG)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe [117648 2011-09-22] (Symantec Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 SRS_VolSync_Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [107744 2009-05-28] (SRS Labs, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1731896 2014-01-28] (TuneUp Software)
R2 VMCService; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-11] (Vodafone) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH) R0 ahcix86s; C:\Windows\System32\DRIVERS\ahcix86s.sys [183312 2008-10-03] (Advanced Micro Devices, Inc) R0 AsDsm; C:\Windows\system32\Drivers\AsDsm.sys [30264 2009-08-29] (ASUSTek Computer Inc) R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] () R1 BHDrvx86; C:\Windows\System32\Drivers\NIS\1008030.006\BHDrvx86.sys [259632 2010-01-20] (Symantec Corporation) U0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [22528 2008-10-09] (Bytemobile, Inc.) [File not signed] R1 ccHP; C:\Windows\System32\Drivers\NIS\1008030.006\ccHPx86.sys [467592 2011-10-11] (Symantec Corporation) R3 CRFILTER; C:\Windows\System32\DRIVERS\CRFILTER.sys [6656 2008-03-07] (Generic) R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [378672 2014-08-27] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [111408 2014-08-27] (Symantec Corporation) R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [94208 2009-05-08] (ELAN Microelectronic Corp.) S3 hwusb_cdcacm; C:\Windows\System32\DRIVERS\ew_cdcacm.sys [108032 2013-08-22] (Huawei Technologies Co., Ltd.) S3 hwusb_cdcecm; C:\Windows\System32\DRIVERS\ew_cdcecm.sys [116352 2013-07-25] (Huawei Technologies Co., Ltd.) R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20141107.001\IDSvix86.sys [476888 2014-08-23] (Symantec Corporation) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [13880 2008-11-03] ( ) R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [48128 2008-12-16] (Atheros Communications, Inc.) 
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-10-01] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-10-01] (Malwarebytes Corporation) R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [14392 2008-12-24] (ATK0100) S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20141109.023\NAVENG.SYS [95704 2014-11-09] (Symantec Corporation) S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20141109.023\NAVEX15.SYS [1636696 2014-11-09] (Symantec Corporation) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1753984 2008-11-04] () R3 SRS_PremiumSound_Service; C:\Windows\System32\drivers\srs_PremiumSound_i386.sys [233512 2009-05-18] () S3 SRTSP; C:\Windows\System32\Drivers\NIS\1008030.006\SRTSP.SYS [308272 2010-01-20] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NIS\1008030.006\SRTSPX.SYS [43696 2010-01-20] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\NIS\1008030.006\SYMEFA.SYS [310320 2010-01-20] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [124976 2010-07-12] (Symantec Corporation) R3 SYMFW; C:\Windows\System32\Drivers\NIS\1008030.006\SYMFW.SYS [89976 2011-09-22] (Symantec Corporation) R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [25648 2010-01-20] (Symantec Corporation) R3 SYMNDISV; C:\Windows\System32\Drivers\NIS\1008030.006\SYMNDISV.SYS [48760 2011-09-22] (Symantec Corporation) R1 SYMTDI; C:\Windows\System32\Drivers\NIS\1008030.006\SYMTDI.SYS [217464 2011-09-22] (Symantec Corporation) R1 tcpipBM; C:\Windows\system32\Drivers\tcpipBM.sys [18816 2008-10-09] (Bytemobile, Inc.) [File not signed] R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software) R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1019392 2009-04-28] (VIA Technologies, Inc.) 
S3 ALSysIO; \??\C:\Users\Mikejana\AppData\Local\Temp\ALSysIO.sys [X]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 SYMDNS; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SYMDNS.SYS [X]
S3 SYMREDRV; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS [X]
U2 wuaserv; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 16:57 - 2014-11-10 16:58 - 00027832 _____ () C:\Users\Mikejana\Downloads\FRST.txt
2014-11-10 16:37 - 2014-11-10 16:37 - 00001271 _____ () C:\Users\Mikejana\Desktop\CoreTemp.ini
2014-11-10 16:31 - 2014-11-10 16:31 - 00001098 _____ () C:\Users\Mikejana\Desktop\JRT.txt
2014-11-10 16:28 - 2014-11-10 16:28 - 00000000 ____D () C:\Windows\ERUNT
2014-11-10 16:27 - 2014-11-10 16:27 - 01706808 _____ (Thisisu) C:\Users\Mikejana\Downloads\JRT.exe
2014-11-10 16:01 - 2014-11-10 16:48 - 00000000 ____D () C:\AdwCleaner
2014-11-10 16:00 - 2014-11-10 16:00 - 02140160 _____ () C:\Users\Mikejana\Downloads\AdwCleaner_4.101.exe
2014-11-10 15:59 - 2014-11-10 15:59 - 00000000 ____D () C:\Windows\Hewlett-Packard
2014-11-10 15:36 - 2014-11-10 15:36 - 00000000 ____D () C:\Windows\pss
2014-11-10 14:44 - 2014-11-10 14:44 - 00014072 _____ () C:\Users\Mikejana\Downloads\hijackthis (2).log
2014-11-10 14:32 - 2014-11-10 14:32 - 00014556 _____ () C:\Malware.txt
2014-11-10 14:09 - 2014-11-10 15:19 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-10 14:09 - 2014-11-10 14:09 - 00000906 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-10 14:08 - 2014-11-10 14:09
- 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-11-10 14:08 - 2014-10-01 11:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-11-10 14:08 - 2014-10-01 11:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-11-10 14:08 - 2014-10-01 11:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-11-10 14:07 - 2014-11-10 14:08 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Mikejana\Downloads\mbam-setup-2.0.3.1025 (1).exe 2014-11-10 14:02 - 2014-11-10 14:02 - 00232044 _____ () C:\Users\Mikejana\Documents\Verlauf.txt 2014-11-10 14:01 - 2014-11-10 14:01 - 00273326 _____ () C:\Users\Mikejana\Documents\Scanergebnisse.txt 2014-11-10 13:48 - 2014-11-10 16:57 - 00000000 ____D () C:\FRST 2014-11-10 13:47 - 2014-11-10 13:48 - 01107968 _____ (Farbar) C:\Users\Mikejana\Downloads\FRST.exe 2014-11-10 13:42 - 2014-11-10 13:42 - 00014072 _____ () C:\Users\Mikejana\Downloads\hijackthis (1).log 2014-11-10 13:24 - 2014-11-10 13:24 - 00000000 ____D () C:\Users\Mikejana\Downloads\CoreTemp_106 (1) 2014-11-10 13:23 - 2014-11-10 13:23 - 00734473 _____ () C:\Users\Mikejana\Downloads\CoreTemp_106 (1).zip 2014-11-10 13:13 - 2014-11-10 13:17 - 00014072 _____ () C:\Users\Mikejana\Downloads\hijackthis.log 2014-11-10 13:11 - 2014-11-10 13:11 - 00388608 _____ (Trend Micro Inc.) C:\Users\Mikejana\Downloads\HiJackThis204 (1).exe 2014-11-10 13:10 - 2014-11-10 13:11 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\Mikejana\Downloads\HiJackThis204.exe 2014-11-10 12:58 - 2014-11-10 12:58 - 00734473 _____ () C:\Users\Mikejana\Downloads\CoreTemp_106.zip 2014-11-09 21:46 - 2014-11-09 22:00 - 00000680 _____ () C:\Users\Mikejana\AppData\Local\d3d9caps.dat 2014-11-09 20:39 - 2014-11-10 14:08 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-11-09 20:39 - 2014-11-09 20:39 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-11-09 20:38 - 2014-11-09 20:38 - 00000000 ____D () C:\Users\Mikejana\AppData\Roaming\Cliqz 2014-11-09 20:38 - 2014-11-09 20:38 - 00000000 ____D () C:\Program Files\CHIP Updater 2014-11-09 20:32 - 2014-11-09 20:32 - 00000000 ____D () C:\Users\Mikejana\Downloads\TL-WN821N_V4_Utility 2014-11-09 20:31 - 2014-11-09 20:32 - 23718037 _____ () C:\Users\Mikejana\Downloads\TL-WN821N_V4_Utility.zip 2014-11-09 20:29 - 2014-11-09 20:29 - 00000000 ____D () C:\ProgramData\TP-LINK 2014-11-09 20:28 - 2014-11-09 20:28 - 10124457 _____ () C:\Users\Mikejana\Downloads\TL-WN821N_V4_130702.zip 2014-11-06 13:44 - 2014-11-09 21:10 - 00000000 ____D () C:\Program Files\HQ Pro Video 1.6V06.11 2014-11-06 13:42 - 2014-11-09 21:10 - 00000000 ____D () C:\Program Files\CloudGuard 2014-10-16 02:36 - 2014-06-15 23:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-16 02:36 - 2014-06-13 19:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-16 02:36 - 2014-06-13 19:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-16 02:32 - 2014-09-28 00:29 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-10-16 02:07 - 2014-09-05 00:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys 2014-10-16 02:03 - 2014-09-16 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-15 15:43 - 2014-09-19 23:53 - 12364288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-10-15 15:43 - 2014-09-19 
23:44 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-10-15 15:43 - 2014-09-19 23:41 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-10-15 15:43 - 2014-09-19 23:39 - 01138688 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-15 15:43 - 2014-09-19 23:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-15 15:43 - 2014-09-19 23:37 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-10-15 15:43 - 2014-09-19 23:36 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-10-15 15:43 - 2014-09-19 23:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-10-15 15:43 - 2014-09-19 23:36 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-10-15 15:43 - 2014-09-19 23:35 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-10-15 15:43 - 2014-09-19 23:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-10-15 15:43 - 2014-09-19 23:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-15 15:43 - 2014-09-19 23:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-10-15 15:43 - 2014-09-19 23:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-10-15 15:43 - 2014-09-19 23:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-10-15 15:43 - 2014-09-19 23:34 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-15 15:43 - 2014-09-19 23:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-15 15:43 - 2014-09-19 23:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-15 15:43 - 2014-09-19 23:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-10-15 15:43 - 2014-09-19 23:34 - 00010752 _____ (Microsoft 
Corporation) C:\Windows\system32\msfeedssync.exe
2014-10-15 15:43 - 2014-09-19 23:33 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 16:56 - 2009-08-29 09:22 - 01590716 _____ () C:\Windows\WindowsUpdate.log
2014-11-10 16:53 - 2014-05-07 18:51 - 00000430 _____ () C:\Windows\Tasks\FaxArchive_CN32MBQJ0R05RQ.job
2014-11-10 16:50 - 2012-12-21 19:49 - 03518414 _____ () C:\Windows\PFRO.log
2014-11-10 16:50 - 2010-06-14 14:30 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-10 16:50 - 2009-08-29 10:54 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-11-10 16:50 - 2009-08-29 09:56 - 00000000 ____D () C:\Program Files\Google
2014-11-10 16:50 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-10 16:50 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-10 16:50 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-10 16:48 - 2006-11-02 14:01 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-10 16:45 - 2010-06-14 14:30 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-10 16:22 - 2013-01-05 20:18 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-10 16:01 - 2011-06-21 18:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-11-10 16:00 - 2013-09-02 18:18 - 00000000 ____D () C:\Users\Mikejana\AppData\Roaming\HpUpdate
2014-11-10 15:47 - 2011-06-21 18:27 - 00000000 ____D () C:\Program Files\Yahoo!
2014-11-10 15:47 - 2010-06-12 17:45 - 00000000 ____D () C:\Users\Mikejana\AppData\Local\Google 2014-11-10 15:47 - 2009-08-29 09:56 - 00000000 ____D () C:\ProgramData\Google 2014-11-10 15:46 - 2014-09-19 12:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-11-10 14:00 - 2009-08-29 09:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 2014-11-10 13:58 - 2012-12-03 20:17 - 00000000 ____D () C:\ProgramData\tmp 2014-11-10 13:24 - 2013-10-08 13:22 - 00794272 _____ () C:\Users\Mikejana\Desktop\Core Temp.exe 2014-11-10 13:06 - 2009-08-29 10:51 - 00000000 ___HD () C:\ASUS.DAT 2014-11-09 22:21 - 2006-11-02 11:33 - 01575104 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-09 22:15 - 2010-06-12 15:54 - 00101600 _____ () C:\Users\Mikejana\AppData\Local\GDIPFONTCACHEV1.DAT 2014-11-09 22:13 - 2010-06-12 15:54 - 00000000 ____D () C:\Users\Mikejana 2014-11-09 22:10 - 2011-09-11 10:17 - 00000000 ____D () C:\Users\NeroMediaHomeUser.4 2014-11-09 22:10 - 2006-11-02 11:22 - 55574528 _____ () C:\Windows\system32\config\software_previous 2014-11-09 22:10 - 2006-11-02 11:22 - 48758784 _____ () C:\Windows\system32\config\components_previous 2014-11-09 22:10 - 2006-11-02 11:22 - 20447232 _____ () C:\Windows\system32\config\system_previous 2014-11-09 22:10 - 2006-11-02 11:22 - 00524288 _____ () C:\Windows\system32\config\default_previous 2014-11-09 22:10 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\security_previous 2014-11-09 22:10 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous 2014-11-09 22:09 - 2014-09-22 03:20 - 00000000 ____D () C:\Users\Mikejana\AppData\Roaming\Host System 2014-11-09 22:09 - 2014-01-11 17:33 - 00000000 ____D () C:\Users\Mikejana\Desktop\Matrobau 14.1 2014-11-09 22:09 - 2012-12-21 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-11-09 22:09 - 2010-06-13 14:54 - 00000000 ____D () C:\Users\Mikejana\AppData\Roaming\DATA 
BECKER Shared 2014-11-09 22:09 - 2010-06-13 10:11 - 00000000 ____D () C:\Users\Mikejana\AppData\Roaming\ProtectDisc 2014-11-09 22:09 - 2010-06-13 10:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DATA BECKER 2014-11-09 22:09 - 2010-06-13 10:09 - 00000000 ____D () C:\Program Files\Common Files\DATA BECKER Shared 2014-11-09 22:09 - 2010-06-13 10:08 - 00000000 ____D () C:\Program Files\Common Files\Software FX Shared 2014-11-09 22:09 - 2010-06-13 10:08 - 00000000 ____D () C:\Program Files\Common Files\Rechnungsdruckerei 2014-11-09 22:09 - 2010-06-12 15:54 - 00000000 ___RD () C:\Users\Mikejana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-11-09 22:09 - 2010-06-12 15:54 - 00000000 ___RD () C:\Users\Mikejana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-11-09 22:09 - 2009-08-29 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility 2014-11-09 22:09 - 2009-08-29 10:47 - 00000000 ____D () C:\ProgramData\P4G 2014-11-09 22:09 - 2009-08-29 10:46 - 00000000 ____D () C:\Program Files\ASUS 2014-11-09 22:09 - 2009-08-29 09:56 - 00000000 ____D () C:\Program Files\Common Files\PX Storage Engine 2014-11-09 22:09 - 2009-08-29 09:51 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-11-09 22:09 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\spool 2014-11-09 22:09 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\Msdtc 2014-11-09 22:09 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\registration 2014-11-09 21:55 - 2011-10-01 11:28 - 00000000 ____D () C:\Windows\Minidump 2014-11-06 13:42 - 2012-12-22 15:57 - 00012914 _____ () C:\Windows\IE9_main.log 2014-10-16 03:29 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache 2014-10-16 03:24 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-10-16 03:07 - 2006-11-02 13:47 - 00375192 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-16 02:38 - 2009-08-29 
09:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 02:31 - 2013-08-15 16:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 02:08 - 2006-11-02 11:24 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

Some content of TEMP:
====================
C:\Users\Mikejana\AppData\Local\Temp\Quarantine.exe
C:\Users\Mikejana\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-10 16:56

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-11-2014 01
Ran by Mikejana at 2014-11-10 16:58:48
Running from c:\Users\Mikejana\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Disabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
4500_G510nz_Help (Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz (Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz_Software_Min (Version: 000.0.423.000 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 10 ActiveX (HKLM\...\{922E8525-AC7E-4294-ACAA-43712D4423C0}) (Version: 10.0.22.87 - Adobe Systems, Inc.)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader 9.0.1 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A90100000001}) (Version: 9.0.1 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden
AMD USB Audio Driver Filter (HKLM\...\{A3AB35FA-943E-4799-99DC-46EFD59E998F}) (Version: 1.0.7.0031 - Advanced Micro Devices, Inc.)
AmIcoSingLun (HKLM\...\InstallShield_{BF91B300-EEBC-4223-96F3-0FCBF7241B50}) (Version: 1.2.117.2 - Alcor Micro Co., Ltd.)
AmIcoSingLun (Version: 1.2.117.2 - Alcor Micro Co., Ltd.) Hidden ASUS AI Recovery (HKLM\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.3 - ASUS) ASUS Data Security Manager (HKLM\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0012 - ASUS) ASUS FancyStart (HKLM\...\{A9FEB6D7-9C52-49FC-B956-7AB275B78890}) (Version: 1.0.4 - ASUSTeK Computer Inc.) ASUS LifeFrame3 (HKLM\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS) ASUS Live Update (HKLM\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.7 - ASUS) ASUS MultiFrame (HKLM\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0018 - ) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.13 - ASUS) ASUS SmartLogon (HKLM\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0006 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0025 - ASUS) ASUS Virtual Camera (HKLM\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.15 - asus) Asus_Camera_ScreenSaver (HKLM\...\Asus_Camera_ScreenSaver) (Version: 2.0.0008 - ASUS) Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.5 - Atheros Communications Inc.) ATI Catalyst Install Manager (HKLM\...\{29798FD0-33BB-2275-EB4A-7042CEFCD5F2}) (Version: 3.0.704.0 - ATI Technologies, Inc.) 
ATK Generic Function Service (HKLM\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK) ATK Hotkey (HKLM\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0050 - ASUS) ATK Media (HKLM\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0003 - ASUS) ATKOSD2 (HKLM\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0003 - ASUS) Bing Bar (HKLM\...\{16D0F2D2-242C-4885-BEF1-4B1655C141AE}) (Version: 7.0.822.0 - Microsoft Corporation) BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden ccc-core-static (Version: 2008.1204.1654.30284 - ATI) Hidden CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform) Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden Cisco EAP-FAST Module (HKLM\...\{9BFD5911-93E3-42BB-BFCD-50E4BA5B8D67}) (Version: 2.2.10 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM\...\{99A4344A-C723-4661-A507-D9D939480358}) (Version: 1.0.16 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM\...\{CD344FA5-6657-47CD-940F-8727EED35595}) (Version: 1.1.3 - Cisco Systems, Inc.) CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1720 - CyberLink Corp.) CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.2713 - CyberLink Corp.) DATA BECKER Rechnungsdruckerei 2010 (HKLM\...\Rechnungsdruckerei 2010_is1) (Version: 1.0 - DATA BECKER GmbH & Co. KG) Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden DocMgr (Version: 130.0.000.000 - Ihr Firmenname) Hidden DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden ETDWare PS/2-x86 7.0.5.4_WHQL (HKLM\...\Elantech) (Version: - ) Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Update Helper (Version: 1.3.25.5 - Google Inc.) 
Hidden GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Officejet 4500 G510n-z (HKLM\...\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}) (Version: 13.0 - HP) HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{7D1EFB03-7D84-446E-8B90-6ECD7EDF4D55}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet 6700 Hilfe (HKLM\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard) HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Junk Mail filter update (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Logitech Harmony Remote Software (HKLM\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 1.0.110307 - Logitech) Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden Mein Büro (HKLM\...\{11CF3ABC-DFB0-47DE-B31F-71CB995A12D7}_is1) (Version: 14.0 - Buhl Data Service GmbH) Mein CEWE FOTOBUCH (HKLM\...\Mein CEWE FOTOBUCH) (Version: 5.0.1 - CEWE COLOR AG u Co. 
OHG) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.3 (HKLM\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM\...\{95120000-0120-0407-0000-0000000FF1CE}) (Version: 12.0.6414.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 
(HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mobile Partner (HKLM\...\Mobile Partner) (Version: 23.012.05.00.382 - Huawei Technologies Co.,Ltd) MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Multimedia Card Reader (HKLM\...\USB Mass Storage Filter Driver) (Version: 1.02.0000.00 - Alcor Micro, Corp.) Multimedia Card Reader (Version: 1.02.0000.00 - Alcor Micro, Corp.) Hidden Nero MediaHome 4 Essentials (HKLM\...\{42ea9e70-c140-462d-b1c8-2e725c740168}) (Version: - Nero AG) Network (Version: 130.0.374.000 - Hewlett-Packard) Hidden Norton Internet Security (HKLM\...\NIS) (Version: 16.8.3.6 - Symantec Corporation) Norton Internet Security (Version: 16.0.0.125 - Symantec Corporation) Hidden OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) Platform (Version: 1.34 - VIA Technologies, Inc.) 
Hidden ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) Skins (Version: 2008.1204.1654.30284 - ATI) Hidden SmartWebPrinting (Version: 130.0.373.000 - Hewlett-Packard) Hidden SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden SRS Premium Sound (HKLM\...\{4B6B024F-F6D4-4A7B-8ADA-F9F8370320CC}) (Version: 1.09.1400 - Ihr Firmenname) Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden Studie zur Verbesserung von HP Officejet 6700 Produkten (HKLM\...\{1012904D-3F7E-44A6-B425-5AF21272BECE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden TuneUp Utilities 2013 (HKLM\...\TuneUp Utilities 2013) (Version: 13.0.4000.245 - TuneUp Software) TuneUp Utilities 2013 (Version: 13.0.4000.245 - TuneUp Software) Hidden TuneUp Utilities Language Pack (de-DE) (Version: 13.0.4000.245 - TuneUp Software) Hidden USB 2.0 UVC 1.3M WebCam (HKLM\...\USB 2.0 UVC 1.3M WebCam) (Version: - ) VIA Platform Device Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) 
Vodafone Mobile Connect Lite (HKLM\...\{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}) (Version: 9.4.3.17550 - Vodafone) WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows Live Anmelde-Assistent (HKLM\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation) Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation) Windows Live Sync (HKLM\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation) Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) WinFlash (HKLM\...\{DE10AB76-4756-4913-BE25-55D1C1051F9A}) (Version: - ) Wireless Console 3 (HKLM\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.8 - ASUS) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{0AF398C8-E8E1-cd28-1f07-257cf82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{0CD1A340-7FAB-be4f-0df0-9beef82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{0E7589F8-3F4A-edae-285b-d2bcf82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{109D12C4-4EB6-4aa7-afd9-7b46f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{17A833B2-F647-15db-74ad-e12ef82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{2EE319C4-8593-5add-3f3a-0471f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{3801CA43-C9A5-1c43-25a8-ef18f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{3A952499-3A8C-75e8-742a-1f85f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{4735E322-568B-a85a-6647-9d59f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{4C735EC7-E94E-5bd0-c1d9-facff82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{4C756328-2F47-52c9-85d3-82f8f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{4CC24160-A50F-c26a-e013-9356f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{65027E39-AEAF-b56a-ab45-2c1ef82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{6E38DC65-4180-03e6-872a-1023f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{71B4EE53-E932-fff0-5b50-30d4f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{8A291A46-46B3-ead5-8b70-5361f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{8E932745-E80C-1824-ccfe-bf72f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{AACA9EA2-6F92-4cb1-ee03-0e21f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{F6D87F96-D010-7a21-8de2-13b0f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{F78FB21B-A447-b845-89f1-06cef82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1561598099-2071657461-1572641555-1000_Classes\CLSID\{FDECAF97-6F7B-7ba2-74ce-0294f82860df}\InprocServer32 -> C:\Windows\system32\OLE32.DLL (Microsoft Corporation) ==================== Restore Points ========================= 12-10-2014 10:29:53 Geplanter Prüfpunkt 14-10-2014 04:05:56 Geplanter Prüfpunkt 15-10-2014 15:40:59 Geplanter Prüfpunkt 16-10-2014 01:01:39 Windows Update 17-10-2014 13:46:17 Geplanter Prüfpunkt 28-10-2014 04:50:55 Geplanter Prüfpunkt 28-10-2014 23:00:01 Geplanter Prüfpunkt 30-10-2014 16:36:55 Geplanter Prüfpunkt 31-10-2014 11:29:46 Geplanter Prüfpunkt 01-11-2014 08:59:07 Geplanter Prüfpunkt 02-11-2014 10:10:04 Geplanter Prüfpunkt 03-11-2014 08:36:17 Geplanter Prüfpunkt 04-11-2014 06:01:15 Geplanter Prüfpunkt 06-11-2014 09:40:17 Geplanter Prüfpunkt 09-11-2014 13:06:34 Removed WinFlash 09-11-2014 19:52:34 Removed Bing Bar 10-11-2014 14:59:26 Installed HP Update. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 
2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {06711FA8-AF18-43FA-BD3C-858EF5F3EF14} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files\ASUS\SmartLogon\sensorsrv.exe [2008-12-09] (ASUS) Task: {16007833-E0E4-4A73-8FEE-7AF323FB1233} - System32\Tasks\HP AR Program Upload - 09b165b3dc7448afac457c65e2830cb0fd30486f5dd04e969929f608c67e9267 => C:\Program Files\HP\HP Officejet 6700\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>) Task: {20314812-7D1C-4DFF-B915-C82D90857792} - System32\Tasks\HP AR Program Upload - 6644ea8aa0f845a0886764c7bbad05aa641483edcd024f5d83c822bde154d0e6 => C:\Program Files\HP\HP Officejet 6700\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>) Task: {4C929E54-5000-43E2-9F25-83FFFB482202} - System32\Tasks\HP AR Program Upload - ab48080949fd476390b01fe659be85074b3b827bcf5f4f889f52695111ea90bd => C:\Program Files\HP\HP Officejet 6700\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>) Task: {527E59A0-BAB9-4F94-AD25-8BBAFD55BDDC} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe [2010-06-25] (Adobe Systems Incorporated) Task: {722723F4-452A-4E68-8C6F-17D0DEB3681F} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2011-10-28] (Hewlett-Packard) Task: {8201D707-2343-4E7A-8993-661F88D499F2} - System32\Tasks\ASUS P4G => C:\Program files\P4G\BatteryLife.exe [2009-04-02] (ATK) Task: {ACA40D5B-A11D-4CD9-8D40-5ACEAEEBABA4} - System32\Tasks\FaxArchive_CN32MBQJ0R05RQ => C:\Program Files\HP\HP Officejet 6700\Bin\FaxApplications.exe [2012-10-17] (Hewlett-Packard Co.) 
Task: {B6003777-D0FD-4072-95A4-98C4A23C307F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd) Task: {C48C5EAC-E2EF-41B4-A545-D46AB530DE54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.) Task: {C72DEF0E-A80F-460C-95CF-31678FF26394} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Mikejana => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation) Task: {CE857E80-1F4D-4E55-A205-EF2A7B1AB56E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.) Task: {CF9B5261-7D6F-44E8-A609-3CAF2C8A597C} - System32\Tasks\HPCustParticipation HP Officejet 6700 => C:\Program Files\HP\HP Officejet 6700\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) Task: {D30ADA17-4BE3-4495-9E20-04A075223563} - System32\Tasks\HP AR Program Upload - 4be71aa8bbde45429425dccbe8febc6526e74182ab2b47d5ba7cdac24ce10a9a => C:\Program Files\HP\HP Officejet 6700\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>) Task: {D63CAF26-5E3B-43C1-A330-1FBE3ED43C90} - System32\Tasks\ASUS Live Update => C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30] () Task: {F04DC4C6-ED77-4B0B-9075-E9FF7390298A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated) Task: {FC8C9369-2692-4851-BBE3-25C159A50043} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2013\OneClick.exe [2014-01-28] (TuneUp Software) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FaxArchive_CN32MBQJ0R05RQ.job => C:\Program Files\HP\HP Officejet 6700\Bin\FaxApplications.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\User_Feed_Synchronization-{BD12D63F-BFD6-4957-8912-4E28E11FEF0C}.job => C:\Windows\system32\msfeedssync.exe ==================== Loaded Modules (whitelisted) ============= 2008-08-14 04:59 - 2008-08-14 04:59 - 00100920 _____ () C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe 2014-06-07 14:31 - 2013-05-21 08:28 - 00656976 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe 2014-06-07 14:31 - 2009-01-10 19:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll 2014-06-07 14:31 - 2009-06-23 03:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll 2014-06-07 14:31 - 2012-10-31 10:11 - 02417152 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll 2014-06-07 14:31 - 2012-10-31 10:14 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll 2014-06-07 14:31 - 2013-05-21 08:20 - 00839680 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll 2014-06-07 14:31 - 2012-10-31 10:11 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll 2010-06-19 05:52 - 2009-04-11 07:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll 2007-06-15 18:28 - 2007-06-15 18:28 - 00147456 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll 2007-06-02 01:08 - 2007-06-02 01:08 - 00143360 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll 2014-01-28 09:37 - 2014-01-28 09:37 - 00607032 _____ () C:\Program Files\TuneUp Utilities 
2013\avgreplibx.dll 2008-12-04 07:35 - 2008-12-04 07:35 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll 2008-08-20 23:49 - 2008-08-20 23:49 - 00016384 _____ () C:\Program files\P4G\DevMng.dll 2009-02-04 17:44 - 2009-02-04 17:44 - 00023040 _____ () C:\Program files\P4G\OvrClk.dll 2009-08-29 10:47 - 2007-03-10 00:16 - 00106496 _____ () C:\Program Files\ATKGFNEX\AGFNEX.dll 2009-08-29 10:50 - 2007-11-30 19:20 - 00051768 _____ () C:\Program Files\ASUS\ASUS Live Update\ALU.exe 2009-04-18 00:04 - 2009-04-18 00:04 - 01593344 _____ () C:\Program Files\ASUS\Wireless Console 3\wcourier.exe 2008-10-01 07:02 - 2008-10-01 07:02 - 00009216 _____ () C:\Program Files\ASUS\Splendid\GLCDdll.dll 2008-08-28 00:32 - 2008-08-28 00:32 - 00619816 _____ () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll 2008-06-09 17:55 - 2008-06-09 17:55 - 00013096 _____ () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll 2009-08-29 10:41 - 2008-03-17 10:49 - 00069632 _____ () C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll 2009-08-29 10:41 - 2009-04-02 02:26 - 00102400 _____ () C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll 2009-08-29 10:41 - 2008-02-14 06:56 - 00094208 _____ () C:\Program Files\VIA\VIAudioi\VDeck\VMicApi.dll 2009-08-29 10:41 - 2009-04-30 08:23 - 47607808 _____ () C:\Program Files\VIA\VIAudioi\VDeck\Skin.dll 2009-04-20 23:57 - 2009-04-20 23:57 - 00225280 _____ () C:\Program Files\asus\VirtualCamera\virtualCamera.ax 2009-08-29 10:12 - 2009-08-29 10:12 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll 2014-10-28 04:13 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll 2014-10-28 04:13 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) 
==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys => ""="FSFilter Activity Monitor" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SymEFA.sys => ""="FSFilter Activity Monitor" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: ATKGFNEXSrv => 2 MSCONFIG\Services: BBSvc => 3 MSCONFIG\Services: BBUpdate => 2 MSCONFIG\Services: Browser => 2 MSCONFIG\Services: EMDMgmt => 2 MSCONFIG\Services: fdPHost => 3 MSCONFIG\Services: FDResPub => 2 MSCONFIG\Services: FontCache3.0.0.0 => 3 MSCONFIG\Services: fsssvc => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: HostService => 2 MSCONFIG\Services: hpqcxs08 => 3 MSCONFIG\Services: HWDeviceService.exe => 2 MSCONFIG\Services: MBAMService => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: NeroMediaHomeService.4 => 2 MSCONFIG\Services: ose => 3 MSCONFIG\Services: osppsvc => 3 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup MSCONFIG\startupreg: ASUS Camera ScreenSaver => C:\Windows\AsScrProlog.exe MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: Nero MediaHome 4 => "C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" ========================= Accounts: ========================== Administrator 
(S-1-5-21-1561598099-2071657461-1572641555-500 - Administrator - Disabled) Gast (S-1-5-21-1561598099-2071657461-1572641555-501 - Limited - Disabled) Mikejana (S-1-5-21-1561598099-2071657461-1572641555-1000 - Administrator - Enabled) => C:\Users\Mikejana NeroMediaHomeUser.4 (S-1-5-21-1561598099-2071657461-1572641555-1001 - Limited - Enabled) => C:\Users\NeroMediaHomeUser.4 ==================== Faulty Device Manager Devices ============= Name: Officejet 4500 G510n-z Description: Officejet 4500 G510n-z Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Hewlett-Packard Service: StillCam Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Officejet 4500 G510n-z Description: Officejet 4500 G510n-z Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Officejet 6700 Description: Officejet 6700 Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
==================== Event log errors: ========================= Application errors: ================== Error: (11/10/2014 04:51:35 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/10/2014 04:50:28 PM) (Source: VMCService) (EventID: 0) (User: ) Description: conflictManagerTypeValue System errors: ============= Error: (11/10/2014 04:58:28 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT) Description: 0x80070032 Error: (11/10/2014 04:53:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: PnP-X-IP-BusauflistungFunktionssuchanbieter-Host%%1058 Error: (11/10/2014 04:51:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Mobile Partner. OUC%%1053 Error: (11/10/2014 04:51:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: 30000Mobile Partner. OUC Error: (11/10/2014 04:51:28 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (11/10/2014 04:40:57 PM) (Source: disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (11/10/2014 04:40:52 PM) (Source: disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. 
Error: (11/10/2014 04:39:48 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Microsoft Office Sessions: ========================= Error: (11/10/2014 04:51:35 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/10/2014 04:50:28 PM) (Source: VMCService) (EventID: 0) (User: ) Description: conflictManagerTypeValue CodeIntegrity Errors: =================================== Date: 2014-11-10 16:58:34.676 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-11-10 16:58:33.912 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-11-10 16:58:33.148 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-11-10 16:58:32.352 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-11-10 16:58:31.291 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-11-10 16:58:30.527 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-11-10 16:58:29.778 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-11-10 16:58:28.998 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-11-10 16:57:52.728 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-11-10 16:57:51.979 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info ===========================
Processor: AMD Athlon(tm) X2 Dual-Core QL-65
Percentage of memory in use: 50%
Total physical RAM: 3326.46 MB
Available physical RAM: 1659.63 MB
Total Pagefile: 6849.41 MB
Available Pagefile: 5158.76 MB
Total Virtual: 2047.88 MB
Available Virtual: 1903.09 MB

==================== Drives ================================
Drive c: (VistaOS) (Fixed) (Total:232.88 GB) (Free:138.76 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:221.16 GB) (Free:221.12 GB) NTFS
Drive f: (INTENSO) (Removable) (Total:3.71 GB) (Free:1.55 GB) FAT32

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 97646C29)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=1C)
Partition 2: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=221.2 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.

==================== End Of Log ============================

Edited by Kilkan (10.11.2014 at 17:02) |
11.11.2014, 00:12 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Laptop WinVista very slow [solved]

Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.

Code:
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
FF Extension: video addon plus - C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\{8f6ce89b-9a9b-4c82-953c-241c8d007283}.xpi [2014-09-26]
FF Extension: Foxy-Secure v7 - C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\fox@foxy.sec.com [2014-09-22]
FF Extension: No Name - C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\2766e15f58d04887a1e82c7d6e3b@ac00a7ac7e9047c683f498.com [2014-11-06]
FF Extension: {a3bb453d-44bc-4839-b40e-5a7e44865f3f} - C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\Extensions\{a3bb453d-44bc-4839-b40e-5a7e44865f3f}.xpi [2014-09-22]
FF Extension: No Name - C:\Users\Mikejana\AppData\Roaming\Mozilla\Firefox\Profiles\n9nu16vw.default\extensions\sparpilot@sparpilot.com [Not Found]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Hosts:
EmptyTemp:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ Please always post log files in CODE tags |