Fehlermeldung von Avira und diverse Funde von Adaware Cleaner

Sybilla · 17.11.2014, 11:56

Hallo liebe Helfer,

ich hatte am 3. November einen Fund von PUP.Optional.BrowserSafeGuard. Daraufhin habe ich Malwarebytes (Freeversion) aktualisiert und alles entfernt, was da gefunden wurde. Gestern hatte ich eine Meldung von Avira Filewalker (läuft einmal die Woche), mit einer merkwürdigen Frage, ob ich weiter scannen möchte oder irgendwie eingreifen möchte, da ein unerwünschtes Programm gefunden wurde. Diese Meldung habe ich in der Art bei Avira noch nie gesehen und war unsicher, ob das ein Werbeversuch war. Beim Versuch fortzusetzen hing sich Avira 2. Mal an der Datei C:Windows/zh-tw/WLXPGSS.SCR.mui auf. Ich habe dann AdAwareCleaner installiert und alles was er gefunden hat entfernt. Lieder war ich nicht so klug, das Protokoll zu kopieren. Danach hing sich Avira zwar noch 2x auf, hat mir aber heute einen komplett Bericht ohne Befund geliefert. Da ich aber nun sehr verunsichert bin und bei Euch gelesen habe, dass der PUP.Optional.BrowserSafeGuard sehr gefährlich sein kann habe ich hier mal das von Euch empfohlene Log File mit Farbar's Recovery Scan Tool erstellt. Leider ist hier für mich garnicht ersichtlich, ob hier nun noch Gefahren vorhanden sind, oder nun AdwareCleaner, Malwarebytes und Avira alles gefunden und entsorgt haben. Es wäre toll, wenn Ihr einen Expertenblick darauf haben könntet und mir Bescheid geben könnt, ob ich weitere Maßnahmen durchführen sollte oder mein Läppi soweit wieder "Keimfrei" ist.

Ganz herzliche Dank
Sybilla

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-11-2014 03
Ran by Sybilla (administrator) on Sybilla-PC on 17-11-2014 10:56:56
Running from C:\Users\Sybilla\Downloads
Loaded Profiles: Sybilla & (Available profiles: Sybilla)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Telefónica) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\SamsungFastStart\SmartRestarter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Farbar) C:\Users\Sybilla\Downloads\FRST64(1).exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-17] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818856 2011-08-25] (Synaptics Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\...\MountPoints2: {0b14ba07-e9f0-11e1-878a-90a4de55ede2} - E:\PcOptions.exe
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\...\MountPoints2: {0b14ba0c-e9f0-11e1-878a-90a4de55ede2} - E:\PcOptions.exe
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\...\MountPoints2: {913445b8-2919-11e4-9cc1-90a4de55ede2} - E:\AutoRun.exe
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0b14ba07-e9f0-11e1-878a-90a4de55ede2} - E:\PcOptions.exe
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0b14ba0c-e9f0-11e1-878a-90a4de55ede2} - E:\PcOptions.exe
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {913445b8-2919-11e4-9cc1-90a4de55ede2} - E:\AutoRun.exe
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [174856 2014-09-14] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [156840 2014-09-14] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [156840 2014-09-14] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.quebles.com/
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.quebles.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Sybilla\AppData\Roaming\Mozilla\Firefox\Profiles\4i4iuocq.default
FF Homepage: www.msn.de
FF NetworkProxy: "ftp", "41.231.53.40"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "41.231.53.40"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "41.231.53.40"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "41.231.53.40"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: German Dictionary - C:\Users\Sybilla\AppData\Roaming\Mozilla\Firefox\Profiles\4i4iuocq.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-06-08]
FF Extension: WOT - C:\Users\Sybilla\AppData\Roaming\Mozilla\Firefox\Profiles\4i4iuocq.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: DownloadHelper - C:\Users\Sybilla\AppData\Roaming\Mozilla\Firefox\Profiles\4i4iuocq.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-12]
FF Extension: Stealthy - C:\Users\Sybilla\AppData\Roaming\Mozilla\Firefox\Profiles\4i4iuocq.default\Extensions\stealthyextension@gmail.com.xpi [2013-08-24]
FF Extension: Quebles Emoticons - C:\Users\Sybilla\AppData\Roaming\Mozilla\Firefox\Profiles\4i4iuocq.default\Extensions\{B2AB711D-5D6E-4DDF-AE15-479A93450D48}.xpi [2013-03-22]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-11-13]

Chrome:
=======
CHR Profile: C:\Users\Sybilla\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (BlockAndSurf) - C:\Users\Sybilla\AppData\Local\Google\Chrome\User Data\Default\Extensions\lleebjehfemndnnddeljcileaifndhfj [2014-05-02]
CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\Deskperience\Word Capture\wcxChrome.crx [2010-07-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-13] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed]
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [201344 2012-01-10] (Telefónica)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\smhwadb.sys [31744 2009-12-25] (Google Inc)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2007-08-09] (Huawei Tech. Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [113792 2009-06-22] (Huawei Technologies Co., Ltd.)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-17] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 smhwdev; C:\Windows\System32\DRIVERS\smhwdev.sys [114432 2010-01-14] (Huawei Technologies Co., Ltd.)
S3 smhwser; C:\Windows\System32\DRIVERS\smhwser.sys [122624 2010-02-05] (QUALCOMM Incorporated)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-17 10:56 - 2014-11-17 10:56 - 02117120 _____ (Farbar) C:\Users\Sybilla\Downloads\FRST64(1).exe
2014-11-17 00:31 - 2014-11-17 00:31 - 02140160 _____ () C:\Users\Sybilla\Downloads\adwcleaner_4.101.exe
2014-11-14 15:02 - 2014-11-14 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-11-13 22:10 - 2014-11-13 22:10 - 00000000 __SHD () C:\Users\Sybilla\AppData\Local\EmieBrowserModeList
2014-11-13 01:20 - 2014-11-13 01:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-11 20:42 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-11-11 20:42 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-11-11 20:42 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-11-11 20:42 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-11-11 20:42 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-11-11 20:42 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-11-11 20:42 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-11-11 20:42 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-11-11 20:42 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-11-11 20:42 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-11-11 20:42 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-11-11 20:42 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-11-11 20:42 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-11-11 20:42 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-11-11 20:42 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-11-11 20:42 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-11-11 20:42 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-11-11 20:42 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-11-11 20:42 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-11-11 20:42 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-11-11 20:42 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-11-11 20:42 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-11-11 20:42 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-11-11 20:42 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-11-11 20:42 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-11-11 20:42 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 20:42 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-11-11 20:42 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-11-11 20:42 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-11-11 20:42 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-11-11 20:42 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-11-11 20:42 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-11-11 20:42 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-11-11 20:42 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-11-11 20:42 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-11-11 20:42 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-11-11 20:42 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 20:42 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-11-11 20:42 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-11-11 20:42 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-11-11 20:42 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-11-11 20:42 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-11-11 20:42 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-11-11 20:42 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-11-11 20:42 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-11-11 20:42 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-11-11 20:42 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-11-11 20:42 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-11-11 20:42 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-11-11 20:42 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-11-11 20:42 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-11-11 20:42 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-11-11 20:42 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-11-11 20:42 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-11-11 20:42 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-11-11 20:42 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-11-11 20:42 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-11-11 20:42 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-11-11 20:42 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-11-11 20:42 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-11-11 20:42 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-11-11 20:42 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-11-11 20:42 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-11-11 20:42 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-11-11 20:42 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-11-11 20:42 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-11-11 20:42 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2014-11-11 20:42 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2014-11-11 20:41 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-11-11 20:41 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-11-11 20:41 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-11-11 20:41 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-11-11 20:41 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-11-11 20:41 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-11-11 20:41 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-11-11 20:41 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-11-11 20:41 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-11-11 20:41 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-11-11 20:41 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-11-11 20:41 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-11-11 20:41 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2014-11-11 20:41 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
2014-11-11 20:40 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-11-11 20:40 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-11-11 20:40 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-11-11 20:40 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2014-11-11 20:40 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-11-11 20:40 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-11-11 20:40 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-11-11 20:40 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-11 20:40 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-11-11 20:40 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-11-11 20:40 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-11-11 20:40 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-11-11 20:40 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-11-11 20:40 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-11-11 20:40 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-11-11 20:40 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-11-11 20:40 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-11-11 20:40 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-11-11 20:40 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-11-11 20:40 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-11-11 20:40 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-11-09 19:54 - 2014-11-09 19:54 - 00001845 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-11-09 19:54 - 2014-11-09 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-11-09 19:54 - 2014-11-09 19:54 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-11-09 19:51 - 2014-11-09 19:51 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-09 19:51 - 2014-11-09 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-09 19:51 - 2014-11-09 19:51 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-09 19:51 - 2014-11-09 19:51 - 00000000 ____D () C:\Program Files\iTunes
2014-11-09 19:51 - 2014-11-09 19:51 - 00000000 ____D () C:\Program Files\iPod
2014-11-09 19:51 - 2014-11-09 19:51 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-11-03 19:00 - 2014-11-14 16:04 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-02 01:32 - 2014-11-17 00:54 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-02 01:32 - 2014-11-02 01:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-11-02 01:32 - 2014-11-02 01:32 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-11-02 01:32 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-11-02 01:32 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-17 10:56 - 2014-05-02 18:34 - 00020198 _____ () C:\Users\Sybilla\Downloads\FRST.txt
2014-11-17 10:56 - 2014-05-02 18:34 - 00000000 ____D () C:\FRST
2014-11-17 10:17 - 2013-03-15 00:25 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-17 07:47 - 2011-04-04 21:28 - 01242997 _____ () C:\windows\WindowsUpdate.log
2014-11-17 00:52 - 2011-04-04 20:53 - 00700134 _____ () C:\windows\system32\perfh007.dat
2014-11-17 00:52 - 2011-04-04 20:53 - 00149984 _____ () C:\windows\system32\perfc007.dat
2014-11-17 00:52 - 2009-07-14 06:13 - 01622300 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-17 00:52 - 2009-07-14 05:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-17 00:52 - 2009-07-14 05:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-17 00:45 - 2013-09-06 23:03 - 00029567 _____ () C:\windows\setupact.log
2014-11-17 00:45 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-17 00:39 - 2013-12-22 18:37 - 00252430 _____ () C:\windows\PFRO.log
2014-11-17 00:39 - 2012-08-19 11:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-17 00:38 - 2013-08-24 15:40 - 00000000 ____D () C:\AdwCleaner
2014-11-15 15:47 - 2014-08-03 14:40 - 00262842 _____ () C:\windows\DPINST.LOG
2014-11-15 15:47 - 2014-08-03 14:40 - 00002026 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-11-15 15:47 - 2014-08-03 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-11-15 15:47 - 2011-04-04 05:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-14 16:04 - 2014-05-02 02:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-14 16:04 - 2013-02-25 06:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-13 01:00 - 2014-05-08 02:00 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-11-13 01:00 - 2009-07-14 05:45 - 00277360 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-12 03:03 - 2013-08-14 02:00 - 00000000 ____D () C:\windows\system32\MRT
2014-11-12 03:01 - 2012-08-26 23:01 - 103374192 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-11-12 01:17 - 2013-03-15 00:25 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 01:17 - 2013-02-27 18:22 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 01:17 - 2013-02-27 18:22 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-10 21:03 - 2013-01-12 20:18 - 00000000 ____D () C:\Users\Sybilla\dwhelper
2014-11-09 19:51 - 2014-09-19 19:56 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-11-09 19:51 - 2013-07-13 02:28 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-02 10:58 - 2013-11-12 00:37 - 00027136 ___SH () C:\Users\Sybilla\Thumbs.db
2014-11-02 01:32 - 2013-03-03 18:10 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-02 01:32 - 2012-11-20 21:33 - 00000000 ____D () C:\Users\Sybilla\AppData\Roaming\Malwarebytes
2014-11-02 01:32 - 2012-11-20 21:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-28 06:34 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-10-23 11:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2014-10-21 19:05 - 2012-08-18 19:39 - 00000000 ____D () C:\Users\Sybilla
2014-10-21 12:19 - 2012-09-12 12:54 - 00000000 ____D () C:\Users\Sybilla\AppData\Roaming\vlc

Some content of TEMP:
====================
C:\Users\Sybilla\AppData\Local\Temp\avgnt.exe
C:\Users\Sybilla\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Sybilla\AppData\Local\Temp\Quarantine.exe
C:\Users\Sybilla\AppData\Local\Temp\ResetDevice.exe
C:\Users\Sybilla\AppData\Local\Temp\sqlite3.dll
C:\Users\Sybilla\AppData\Local\Temp\vlc-2.1.3-win32.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-30 01:58

==================== End Of Log ============================

schrauber · 17.11.2014, 11:58

Hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Addition.txt fehlt noch.

Sybilla · 17.11.2014, 12:07

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-11-2014 03
Ran by Sybilla (administrator) on Sybilla-PC on 17-11-2014 10:56:56
Running from C:\Users\Sybilla\Downloads
Loaded Profiles: Sybilla &  (Available profiles: Sybilla)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Telefónica) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\SamsungFastStart\SmartRestarter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Farbar) C:\Users\Sybilla\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-17] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818856 2011-08-25] (Synaptics Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\...\MountPoints2: {0b14ba07-e9f0-11e1-878a-90a4de55ede2} - E:\PcOptions.exe
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\...\MountPoints2: {0b14ba0c-e9f0-11e1-878a-90a4de55ede2} - E:\PcOptions.exe
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\...\MountPoints2: {913445b8-2919-11e4-9cc1-90a4de55ede2} - E:\AutoRun.exe
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0b14ba07-e9f0-11e1-878a-90a4de55ede2} - E:\PcOptions.exe
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0b14ba0c-e9f0-11e1-878a-90a4de55ede2} - E:\PcOptions.exe
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {913445b8-2919-11e4-9cc1-90a4de55ede2} - E:\AutoRun.exe
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [174856 2014-09-14] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [156840 2014-09-14] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [156840 2014-09-14] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.quebles.com/
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.quebles.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Sybilla\AppData\Roaming\Mozilla\Firefox\Profiles\4i4iuocq.default
FF Homepage: www.msn.de
FF NetworkProxy: "ftp", "41.231.53.40"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "41.231.53.40"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "41.231.53.40"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "41.231.53.40"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: German Dictionary - C:\Users\Sybilla\AppData\Roaming\Mozilla\Firefox\Profiles\4i4iuocq.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-06-08]
FF Extension: WOT - C:\Users\Sybilla\AppData\Roaming\Mozilla\Firefox\Profiles\4i4iuocq.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: DownloadHelper - C:\Users\Sybilla\AppData\Roaming\Mozilla\Firefox\Profiles\4i4iuocq.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-12]
FF Extension: Stealthy - C:\Users\Sybilla\AppData\Roaming\Mozilla\Firefox\Profiles\4i4iuocq.default\Extensions\stealthyextension@gmail.com.xpi [2013-08-24]
FF Extension: Quebles Emoticons - C:\Users\Sybilla\AppData\Roaming\Mozilla\Firefox\Profiles\4i4iuocq.default\Extensions\{B2AB711D-5D6E-4DDF-AE15-479A93450D48}.xpi [2013-03-22]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-11-13]

Chrome: 
=======
CHR Profile: C:\Users\Sybilla\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (BlockAndSurf) - C:\Users\Sybilla\AppData\Local\Google\Chrome\User Data\Default\Extensions\lleebjehfemndnnddeljcileaifndhfj [2014-05-02]
CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\Deskperience\Word Capture\wcxChrome.crx [2010-07-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-13] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed]
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [201344 2012-01-10] (Telefónica)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\smhwadb.sys [31744 2009-12-25] (Google Inc)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2007-08-09] (Huawei Tech. Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [113792 2009-06-22] (Huawei Technologies Co., Ltd.)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-17] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 smhwdev; C:\Windows\System32\DRIVERS\smhwdev.sys [114432 2010-01-14] (Huawei Technologies Co., Ltd.)
S3 smhwser; C:\Windows\System32\DRIVERS\smhwser.sys [122624 2010-02-05] (QUALCOMM Incorporated)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-17 10:56 - 2014-11-17 10:56 - 02117120 _____ (Farbar) C:\Users\Sybilla\Downloads\FRST64(1).exe
2014-11-17 00:31 - 2014-11-17 00:31 - 02140160 _____ () C:\Users\Sybilla\Downloads\adwcleaner_4.101.exe
2014-11-14 15:02 - 2014-11-14 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-11-13 22:10 - 2014-11-13 22:10 - 00000000 __SHD () C:\Users\Sybilla\AppData\Local\EmieBrowserModeList
2014-11-13 01:20 - 2014-11-13 01:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-11 20:42 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-11-11 20:42 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-11-11 20:42 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-11-11 20:42 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-11-11 20:42 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-11-11 20:42 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-11-11 20:42 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-11-11 20:42 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-11-11 20:42 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-11-11 20:42 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-11-11 20:42 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-11-11 20:42 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-11-11 20:42 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-11-11 20:42 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-11-11 20:42 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-11-11 20:42 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-11-11 20:42 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-11-11 20:42 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-11-11 20:42 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-11-11 20:42 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-11-11 20:42 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-11-11 20:42 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-11-11 20:42 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-11-11 20:42 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-11-11 20:42 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-11-11 20:42 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 20:42 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-11-11 20:42 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-11-11 20:42 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-11-11 20:42 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-11-11 20:42 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-11-11 20:42 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-11-11 20:42 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-11-11 20:42 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-11-11 20:42 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-11-11 20:42 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-11-11 20:42 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 20:42 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-11-11 20:42 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-11-11 20:42 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-11-11 20:42 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-11-11 20:42 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-11-11 20:42 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-11-11 20:42 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-11-11 20:42 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-11-11 20:42 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-11-11 20:42 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-11-11 20:42 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-11-11 20:42 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-11-11 20:42 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-11-11 20:42 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-11-11 20:42 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-11-11 20:42 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-11-11 20:42 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-11-11 20:42 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-11-11 20:42 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-11-11 20:42 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-11-11 20:42 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-11-11 20:42 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-11-11 20:42 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-11-11 20:42 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-11-11 20:42 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-11-11 20:42 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-11-11 20:42 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-11-11 20:42 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-11-11 20:42 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-11-11 20:42 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2014-11-11 20:42 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2014-11-11 20:41 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-11-11 20:41 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-11-11 20:41 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-11-11 20:41 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-11-11 20:41 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-11-11 20:41 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-11-11 20:41 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-11-11 20:41 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-11-11 20:41 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-11-11 20:41 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-11-11 20:41 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-11-11 20:41 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-11-11 20:41 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2014-11-11 20:41 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
2014-11-11 20:40 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-11-11 20:40 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-11-11 20:40 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-11-11 20:40 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2014-11-11 20:40 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-11-11 20:40 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-11-11 20:40 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-11-11 20:40 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-11 20:40 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-11-11 20:40 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-11-11 20:40 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-11-11 20:40 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-11-11 20:40 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-11-11 20:40 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-11-11 20:40 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-11-11 20:40 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-11-11 20:40 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-11-11 20:40 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-11-11 20:40 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-11-11 20:40 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-11-11 20:40 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-11-09 19:54 - 2014-11-09 19:54 - 00001845 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-11-09 19:54 - 2014-11-09 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-11-09 19:54 - 2014-11-09 19:54 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-11-09 19:51 - 2014-11-09 19:51 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-09 19:51 - 2014-11-09 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-09 19:51 - 2014-11-09 19:51 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-09 19:51 - 2014-11-09 19:51 - 00000000 ____D () C:\Program Files\iTunes
2014-11-09 19:51 - 2014-11-09 19:51 - 00000000 ____D () C:\Program Files\iPod
2014-11-09 19:51 - 2014-11-09 19:51 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-11-03 19:00 - 2014-11-14 16:04 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-02 01:32 - 2014-11-17 00:54 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-02 01:32 - 2014-11-02 01:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-02 01:32 - 2014-11-02 01:32 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-02 01:32 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-11-02 01:32 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-17 10:56 - 2014-05-02 18:34 - 00020198 _____ () C:\Users\Sybilla\Downloads\FRST.txt
2014-11-17 10:56 - 2014-05-02 18:34 - 00000000 ____D () C:\FRST
2014-11-17 10:17 - 2013-03-15 00:25 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-17 07:47 - 2011-04-04 21:28 - 01242997 _____ () C:\windows\WindowsUpdate.log
2014-11-17 00:52 - 2011-04-04 20:53 - 00700134 _____ () C:\windows\system32\perfh007.dat
2014-11-17 00:52 - 2011-04-04 20:53 - 00149984 _____ () C:\windows\system32\perfc007.dat
2014-11-17 00:52 - 2009-07-14 06:13 - 01622300 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-17 00:52 - 2009-07-14 05:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-17 00:52 - 2009-07-14 05:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-17 00:45 - 2013-09-06 23:03 - 00029567 _____ () C:\windows\setupact.log
2014-11-17 00:45 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-17 00:39 - 2013-12-22 18:37 - 00252430 _____ () C:\windows\PFRO.log
2014-11-17 00:39 - 2012-08-19 11:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-17 00:38 - 2013-08-24 15:40 - 00000000 ____D () C:\AdwCleaner
2014-11-15 15:47 - 2014-08-03 14:40 - 00262842 _____ () C:\windows\DPINST.LOG
2014-11-15 15:47 - 2014-08-03 14:40 - 00002026 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-11-15 15:47 - 2014-08-03 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-11-15 15:47 - 2011-04-04 05:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-14 16:04 - 2014-05-02 02:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-14 16:04 - 2013-02-25 06:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-13 01:00 - 2014-05-08 02:00 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-11-13 01:00 - 2009-07-14 05:45 - 00277360 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-12 03:03 - 2013-08-14 02:00 - 00000000 ____D () C:\windows\system32\MRT
2014-11-12 03:01 - 2012-08-26 23:01 - 103374192 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-11-12 01:17 - 2013-03-15 00:25 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 01:17 - 2013-02-27 18:22 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 01:17 - 2013-02-27 18:22 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-10 21:03 - 2013-01-12 20:18 - 00000000 ____D () C:\Users\Sybilla\dwhelper
2014-11-09 19:51 - 2014-09-19 19:56 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-11-09 19:51 - 2013-07-13 02:28 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-02 10:58 - 2013-11-12 00:37 - 00027136 ___SH () C:\Users\Sybilla\Thumbs.db
2014-11-02 01:32 - 2013-03-03 18:10 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-02 01:32 - 2012-11-20 21:33 - 00000000 ____D () C:\Users\Sybilla\AppData\Roaming\Malwarebytes
2014-11-02 01:32 - 2012-11-20 21:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-28 06:34 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-10-23 11:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2014-10-21 19:05 - 2012-08-18 19:39 - 00000000 ____D () C:\Users\Sybilla
2014-10-21 12:19 - 2012-09-12 12:54 - 00000000 ____D () C:\Users\Sybilla\AppData\Roaming\vlc

Some content of TEMP:
====================
C:\Users\Sybilla\AppData\Local\Temp\avgnt.exe
C:\Users\Sybilla\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Sybilla\AppData\Local\Temp\Quarantine.exe
C:\Users\Sybilla\AppData\Local\Temp\ResetDevice.exe
C:\Users\Sybilla\AppData\Local\Temp\sqlite3.dll
C:\Users\Sybilla\AppData\Local\Temp\vlc-2.1.3-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-30 01:58

==================== End Of Log ============================

--- --- ---

schrauber · 18.11.2014, 08:54

Addition.txt fehlt immer noch von FRST

Sybilla · 18.11.2014, 09:11

Hallo lieber Schrauber
danke für Deine Antwort ist habe leider keine Idee was für einen Addition.txt gemeint ist? ich habe alles was das FRST ausgeworfen hat komplett kopiert. Weitere Texte habe ich nicht erhalten bzw. weiß nicht, wo ich diese finden kann?

Vielen Dank
Sybilla

Hi habe nun nochmal einen Scan gemacht und das Feld Addition.txt auch angehakt, ich hoffe der ist dann nun auch dabei?

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-11-2014 03
Ran by Sybilla at 2014-11-18 09:05:00
Running from C:\Users\Sybilla\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)
BatteryLifeExtender (HKLM-x32\...\{FFD0E594-823B-4E2B-B680-720B3C852588}) (Version: 1.0.11 - Samsung)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)
Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform)
ChargeableUSB (HKLM-x32\...\{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}) (Version: 1.0.0.0 - SAMSUNG)
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3509 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
DVBViewer TERRATEC Edition (HKLM-x32\...\DVBViewer TERRATEC Edition_is1) (Version:  - CM&V)
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{8732818E-CA78-4ACB-B077-22311BF4C0E4}) (Version: 4.4.7 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.1.1 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
EasyFileShare (HKLM-x32\...\{EA76E65F-6679-495A-A8A6-42AD6602ED4C}) (Version: 1.0.11 - Samsung)
Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden
Fast Start (HKLM-x32\...\{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}) (Version: 2.2.0.1 - SAMSUNG)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
iCloud (HKLM\...\{2AAF09D5-4B3F-4975-B6A9-ECE2631FC942}) (Version: 4.0.5.20 - Apple Inc.)
Iminent (x32 Version: 6.32.41.0 - Iminent) Hidden <==== ATTENTION
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2622 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: 8.8.7.892 - Mobile Connection Manager)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.302.06.06.40 - Huawei Technologies Co.,Ltd)
Movie Color Enhancer (HKLM-x32\...\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Multimedia POP (HKLM-x32\...\{331ECF61-69AF-4F57-AC35-AFED610231C3}) (Version: 1.1 - )
MyFreeCodec (HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\...\MyFreeCodec) (Version:  - )
MyFreeCodec (HKU\S-1-5-21-2846612950-2864176646-3413132641-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MyFreeCodec) (Version:  - )
NOXON DAB MediaPlayer (HKLM-x32\...\{9117C289-7C22-441B-BF9A-5C4C66AC6C0C}) (Version: 1.0.10 - NOXON Media)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
PC Suite (HKLM-x32\...\PC Suite) (Version: 12.09.109.U8120D02SP02 - Huawei Technologies Co.,Ltd)
Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
PhoneShare (HKLM-x32\...\{3F50512F-53DF-46B1-8CCB-6C7E638CADD6}) (Version: 9.1.4 - Samsung)
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.36.1224.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6246 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 2.0.67.1 - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version:  - Samsung Electronics Co., Ltd.)
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.0.9 - Samsung)
Samsung Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.38 - Samsung)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.02.05.00:27 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.5.0 - Samsung Electronics Co., Ltd.)
Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Sony PC Companion 2.10.235 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.235 - Sony)
SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.0301 - SRS Labs, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.22.0 - Synaptics Incorporated)
TERRATEC T-Stick PLUS V86.001.1129.2011 (HKLM-x32\...\TERRATEC T-Stick PLUS) (Version: 86.001.1129.2011 - )
Tuning Tool (HKLM-x32\...\{E95D2E2E-992A-4B3B-895A-C651EBCAC458}) (Version: 1.1.0 - Telefónica o2 Germany GmbH & Co. OHG)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.0.82.0 - Intel)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7000 - Broadcom Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)
WildTangent ORB Game Console (x32 Version:  - WildTangent) Hidden
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WordCaptureX Pro (HKLM-x32\...\{139C1D95-9037-3AB3-F5F4-4A79BF6831EC}) (Version: 4.0.0 - Deskperience)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

12-11-2014 02:00:15 Windows Update
15-11-2014 14:57:40 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {124CA5D0-B907-4BD0-AD32-0881AEE75605} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2010-08-27] (Samsung Electronics)
Task: {133D85FF-8DC6-4B6F-81E5-109EAE019C57} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2010-11-17] (SEC)
Task: {23C739C8-C981-4BC8-95F9-F31EB906C709} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.)
Task: {3B2F730A-84E2-4A5F-80ED-6145AAA2F691} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-18] (Samsung Electronics. Co. Ltd.)
Task: {3ED517D8-75F0-4177-9BAF-1069C3C1A4EA} - System32\Tasks\{9C990F5D-88EE-43DC-BA02-819E4287B92D} => Firefox.exe hxxp://ui.skype.com/ui/0/6.2.73.106.456/de/abandoninstall?page=tsProgressBar
Task: {45BDED53-AFDD-46F0-86BB-C20C56DB4815} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {56D73D2F-B71B-42FC-BAF2-CABB7A0E9867} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)
Task: {5F27B28D-484E-4527-BA7F-9D0209EA3875} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6F6BB17D-05D0-41FB-8F06-FB7EA8D2EBA3} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-09-04] (SAMSUNG Electronics)
Task: {75D56FEC-6ABF-40D9-8C43-D5C22E0801BD} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-11-29] (Samsung Electronics Co., Ltd.)
Task: {7B73C2FD-BB98-473C-97D0-711C99E3E7D2} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2846612950-2864176646-3413132641-1001
Task: {A66AA4E2-0775-4E73-A9DB-97EA15CC4052} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink)
Task: {BB144633-A224-4AA6-A0D5-4D19C6FCA112} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe [2010-12-23] (Samsung Electronics Co., Ltd.)
Task: {C7064E37-0A1D-427E-B526-A6AB6F6E01B0} - System32\Tasks\SRS Premium Sound => C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exe [2010-11-15] (SRS Labs, Inc.)
Task: {C91D938D-3288-4836-8026-101ED00DE2D0} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {D25FC41A-0692-4126-8266-04990C8EA824} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-12-23] (Samsung Electronics Co., Ltd.)
Task: {DC672D82-28F9-45C8-B1CD-B5002CF0B795} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-12-23] (Samsung Electronics)
Task: {DC8C200F-2978-4CFC-8998-BDE8E1A62239} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-09-20 00:51 - 2014-09-14 00:48 - 00013120 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-09-20 00:52 - 2014-09-13 22:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-04-04 20:36 - 2008-06-05 00:53 - 00027648 _____ () C:\windows\System32\spd__l.dll
2011-04-04 05:52 - 2009-12-01 08:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2011-04-04 20:33 - 2010-12-17 01:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-03 14:40 - 2014-06-23 08:07 - 00113376 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2011-04-04 20:36 - 2010-10-21 19:22 - 00709632 _____ () C:\windows\system32\SnMinDrv.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-20 00:51 - 2014-09-14 00:48 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2011-04-04 06:00 - 2010-07-05 11:42 - 00203776 _____ () C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll
2014-08-03 14:40 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-08-03 14:40 - 2013-09-13 10:02 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2011-04-04 05:41 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
2009-11-02 06:20 - 2009-11-02 06:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 06:23 - 2009-11-02 06:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2011-04-04 06:04 - 2010-05-07 15:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2014-11-13 01:20 - 2014-11-13 01:20 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-11-12 01:17 - 2014-11-12 01:17 - 16840880 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: BBSvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

========================= Accounts: ==========================

Administrator (S-1-5-21-2846612950-2864176646-3413132641-500 - Administrator - Disabled)
Gast (S-1-5-21-2846612950-2864176646-3413132641-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2846612950-2864176646-3413132641-1003 - Limited - Enabled)
Sybilla (S-1-5-21-2846612950-2864176646-3413132641-1001 - Administrator - Enabled) => C:\Users\Sybilla

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/17/2014 11:43:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4056

Error: (11/17/2014 11:43:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4056

Error: (11/17/2014 11:43:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/17/2014 11:43:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3027

Error: (11/17/2014 11:43:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3027

Error: (11/17/2014 11:43:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/17/2014 11:43:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2013

Error: (11/17/2014 11:43:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2013

Error: (11/17/2014 11:43:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/17/2014 11:43:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014


System errors:
=============
Error: (11/17/2014 00:39:06 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\windows\System32\bcmihvsrv64.dll

Error: (11/17/2014 00:39:06 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\windows\System32\bcmihvsrv64.dll

Error: (11/17/2014 00:39:05 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\windows\System32\bcmihvsrv64.dll

Error: (11/17/2014 00:38:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Application Virtualization Client" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/17/2014 00:38:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Volumeschattenkopie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/17/2014 00:38:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Sony PC Companion" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/17/2014 00:38:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/17/2014 00:38:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/17/2014 00:38:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/17/2014 00:38:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (11/17/2014 11:43:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4056

Error: (11/17/2014 11:43:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4056

Error: (11/17/2014 11:43:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/17/2014 11:43:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3027

Error: (11/17/2014 11:43:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3027

Error: (11/17/2014 11:43:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/17/2014 11:43:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2013

Error: (11/17/2014 11:43:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2013

Error: (11/17/2014 11:43:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/17/2014 11:43:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 37%
Total physical RAM: 4009.55 MB
Available physical RAM: 2488.18 MB
Total Pagefile: 8017.27 MB
Available Pagefile: 4545.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:96.58 GB) (Free:20.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: DF91A2B6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=96.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=22.6 GB) - (Type=27)

==================== End Of Log ============================

habe zudem gestern noch einen Scan mit Emisoft gemacht und nach Fund diese beiden via Emisoft eliminiert

Code:

ATTFilter

Emsisoft Emergency Kit - Version 9.0
Letztes Update: 11/17/2014 4:05:00 PM
Benutzerkonto: Sybilla-PC\Sybilla

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, Q:\

PUPs-Erkennung: An
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan Beginn:    11/17/2014 4:05:35 PM
C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll     gefunden: Adware.Linkury.B (B)
C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll     gefunden: Gen:Adware.Heur.im9@g5ClM@j (B)

Gescannt    240195
Gefunden    2

Scan Ende:    11/17/2014 5:00:24 PM
Scan Zeit:    0:54:49

Vielen Dank
Sybilla

schrauber · 18.11.2014, 20:11

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

Iminent
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Sybilla · 19.11.2014, 14:59

Hi habe Unistall geladen bzw. downgeloaded. Dabei hat mein Avira einen Virus bemängelt und den entfernt. Danach konnte ich es aber runterladen. Das Programm Iminent kann ich in der vorhandenen Liste leider nicht entdecken

LG

Code:

ATTFilter

Avira Free Antivirus
Erstellungsdatum der Reportdatei: Mittwoch, 19. November 2014  14:36


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira Antivirus Free
Seriennummer   : 0000149996-AVHOE-0000001
Plattform      : Windows 7 Home Premium
Windowsversion : (Service Pack 1)  [6.1.7601]
Boot Modus     : Normal gebootet
Benutzername   : SYSTEM
Computername   : KATHARINA-PC

Versionsinformationen:
BUILD.DAT      : 14.0.7.342     92013 Bytes  23.10.2014 14:02:00
AVSCAN.EXE     : 14.0.7.312   1015544 Bytes  13.11.2014 10:35:39
AVSCANRC.DLL   : 14.0.7.308     64304 Bytes  13.11.2014 10:35:39
LUKE.DLL       : 14.0.7.310     60664 Bytes  13.11.2014 10:35:50
AVSCPLR.DLL    : 14.0.7.310     93488 Bytes  13.11.2014 10:35:39
REPAIR.DLL     : 14.0.7.312    366328 Bytes  13.11.2014 10:35:39
REPAIR.RDF     : 1.0.2.30      596694 Bytes  26.10.2014 03:29:29
AVREG.DLL      : 14.0.7.310    264952 Bytes  13.11.2014 10:35:38
AVLODE.DLL     : 14.0.7.312    563448 Bytes  13.11.2014 10:35:38
AVLODE.RDF     : 14.0.4.50      76508 Bytes  11.11.2014 19:27:25
XBV00012.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:29
XBV00013.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:29
XBV00014.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:29
XBV00015.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:29
XBV00016.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:29
XBV00017.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:29
XBV00018.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:29
XBV00019.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:29
XBV00020.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:29
XBV00021.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:30
XBV00022.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:30
XBV00023.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:30
XBV00024.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:30
XBV00025.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:30
XBV00026.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:30
XBV00027.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:30
XBV00028.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:30
XBV00029.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:30
XBV00030.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:30
XBV00031.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:30
XBV00032.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:30
XBV00033.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:30
XBV00034.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:30
XBV00035.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:30
XBV00036.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:30
XBV00037.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:30
XBV00038.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:30
XBV00039.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:30
XBV00040.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:30
XBV00041.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 19:28:30
XBV00106.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:30
XBV00107.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:30
XBV00108.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:30
XBV00109.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:30
XBV00110.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:30
XBV00111.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:30
XBV00112.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:31
XBV00113.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:31
XBV00114.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:31
XBV00115.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:31
XBV00116.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:31
XBV00117.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:31
XBV00118.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:31
XBV00119.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:31
XBV00120.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:31
XBV00121.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:31
XBV00122.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:31
XBV00123.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:31
XBV00124.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:31
XBV00125.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:31
XBV00126.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:31
XBV00127.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:31
XBV00128.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:31
XBV00129.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:31
XBV00130.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:31
XBV00131.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:31
XBV00132.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00133.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00134.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00135.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00136.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00137.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00138.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00139.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00140.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00141.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00142.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00143.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00144.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00145.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00146.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00147.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00148.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00149.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00150.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00151.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00152.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00153.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00154.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00155.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:32
XBV00156.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00157.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00158.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00159.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00160.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00161.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00162.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00163.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00164.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00165.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00166.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00167.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00168.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00169.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00170.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00171.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00172.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00173.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00174.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00175.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00176.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00177.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00178.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00179.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:33
XBV00180.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00181.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00182.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00183.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00184.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00185.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00186.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00187.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00188.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00189.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00190.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00191.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00192.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00193.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00194.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00195.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00196.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00197.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00198.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00199.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00200.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00201.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00202.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00203.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:34
XBV00204.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:35
XBV00205.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:35
XBV00206.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:35
XBV00207.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:35
XBV00208.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:35
XBV00209.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:35
XBV00210.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:35
XBV00211.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:35
XBV00212.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:35
XBV00213.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:35
XBV00214.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:35
XBV00215.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:36
XBV00216.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:36
XBV00217.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:36
XBV00218.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:36
XBV00219.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:36
XBV00220.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:36
XBV00221.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:36
XBV00222.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:36
XBV00223.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:37
XBV00224.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:37
XBV00225.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:37
XBV00226.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:38
XBV00227.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:38
XBV00228.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:38
XBV00229.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:38
XBV00230.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:39
XBV00231.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:39
XBV00232.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:39
XBV00233.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:39
XBV00234.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:40
XBV00235.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:40
XBV00236.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:40
XBV00237.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:40
XBV00238.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:40
XBV00239.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:41
XBV00240.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:41
XBV00241.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:41
XBV00242.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:41
XBV00243.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:41
XBV00244.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:41
XBV00245.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:42
XBV00246.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:42
XBV00247.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:42
XBV00248.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:42
XBV00249.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:42
XBV00250.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:42
XBV00251.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:42
XBV00252.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:42
XBV00253.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:42
XBV00254.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:42
XBV00255.VDF   : 8.11.184.50     2048 Bytes  11.11.2014 19:27:42
XBV00000.VDF   : 7.11.70.0   66736640 Bytes  04.04.2013 21:19:16
XBV00001.VDF   : 7.11.74.226  2201600 Bytes  30.04.2013 15:10:28
XBV00002.VDF   : 7.11.80.60   2751488 Bytes  28.05.2013 18:01:21
XBV00003.VDF   : 7.11.85.214  2162688 Bytes  21.06.2013 21:27:52
XBV00004.VDF   : 7.11.91.176  3903488 Bytes  23.07.2013 16:47:21
XBV00005.VDF   : 7.11.98.186  6822912 Bytes  29.08.2013 18:21:27
XBV00006.VDF   : 7.11.139.38 15708672 Bytes  27.03.2014 15:46:41
XBV00007.VDF   : 7.11.152.100  4193792 Bytes  02.06.2014 18:32:02
XBV00008.VDF   : 8.11.165.192  4251136 Bytes  07.08.2014 19:28:29
XBV00009.VDF   : 8.11.172.30  2094080 Bytes  15.09.2014 18:13:54
XBV00010.VDF   : 8.11.178.32  1581056 Bytes  14.10.2014 21:57:53
XBV00011.VDF   : 8.11.184.50  2178560 Bytes  11.11.2014 19:27:28
XBV00042.VDF   : 8.11.184.74     2048 Bytes  11.11.2014 19:27:28
XBV00043.VDF   : 8.11.184.98    37376 Bytes  11.11.2014 19:27:28
XBV00044.VDF   : 8.11.184.124    20992 Bytes  11.11.2014 19:27:28
XBV00045.VDF   : 8.11.184.126     2048 Bytes  11.11.2014 19:27:28
XBV00046.VDF   : 8.11.184.152    17920 Bytes  11.11.2014 01:27:27
XBV00047.VDF   : 8.11.184.154    12288 Bytes  11.11.2014 01:27:27
XBV00048.VDF   : 8.11.184.156     5632 Bytes  12.11.2014 01:27:27
XBV00049.VDF   : 8.11.184.160     6656 Bytes  12.11.2014 10:35:53
XBV00050.VDF   : 8.11.184.182     8704 Bytes  12.11.2014 10:35:53
XBV00051.VDF   : 8.11.184.202     6144 Bytes  12.11.2014 10:35:53
XBV00052.VDF   : 8.11.184.204    10752 Bytes  12.11.2014 10:35:53
XBV00053.VDF   : 8.11.184.224    28160 Bytes  12.11.2014 10:35:53
XBV00054.VDF   : 8.11.184.246    34304 Bytes  12.11.2014 10:35:53
XBV00055.VDF   : 8.11.184.250    15360 Bytes  12.11.2014 10:35:53
XBV00056.VDF   : 8.11.184.252    11776 Bytes  12.11.2014 10:35:53
XBV00057.VDF   : 8.11.185.18    35840 Bytes  13.11.2014 10:35:53
XBV00058.VDF   : 8.11.185.38    35840 Bytes  13.11.2014 17:18:41
XBV00059.VDF   : 8.11.185.58    10240 Bytes  13.11.2014 17:18:41
XBV00060.VDF   : 8.11.185.60     2048 Bytes  13.11.2014 17:18:41
XBV00061.VDF   : 8.11.185.62     7168 Bytes  13.11.2014 17:18:42
XBV00062.VDF   : 8.11.185.82     9216 Bytes  13.11.2014 17:18:42
XBV00063.VDF   : 8.11.185.102    29696 Bytes  13.11.2014 23:18:34
XBV00064.VDF   : 8.11.185.104     2048 Bytes  13.11.2014 23:18:34
XBV00065.VDF   : 8.11.185.108    20480 Bytes  13.11.2014 08:33:53
XBV00066.VDF   : 8.11.185.110     4608 Bytes  13.11.2014 08:33:53
XBV00067.VDF   : 8.11.185.112    26112 Bytes  14.11.2014 08:33:53
XBV00068.VDF   : 8.11.185.132     9216 Bytes  14.11.2014 08:33:53
XBV00069.VDF   : 8.11.185.150     4608 Bytes  14.11.2014 15:03:08
XBV00070.VDF   : 8.11.185.168    15360 Bytes  14.11.2014 15:03:08
XBV00071.VDF   : 8.11.185.186    17920 Bytes  14.11.2014 15:03:08
XBV00072.VDF   : 8.11.185.204     8192 Bytes  14.11.2014 15:03:08
XBV00073.VDF   : 8.11.185.224   203264 Bytes  14.11.2014 14:45:58
XBV00074.VDF   : 8.11.185.226     5120 Bytes  14.11.2014 14:45:58
XBV00075.VDF   : 8.11.185.228     2048 Bytes  14.11.2014 14:45:58
XBV00076.VDF   : 8.11.186.8     34304 Bytes  14.11.2014 14:45:58
XBV00077.VDF   : 8.11.186.26    41472 Bytes  15.11.2014 14:45:58
XBV00078.VDF   : 8.11.186.44     2048 Bytes  15.11.2014 14:45:58
XBV00079.VDF   : 8.11.186.62    18432 Bytes  15.11.2014 14:45:58
XBV00080.VDF   : 8.11.186.88    20480 Bytes  15.11.2014 16:48:45
XBV00081.VDF   : 8.11.186.106     2048 Bytes  15.11.2014 16:48:45
XBV00082.VDF   : 8.11.186.108    69632 Bytes  16.11.2014 16:48:45
XBV00083.VDF   : 8.11.186.110     2048 Bytes  16.11.2014 16:48:45
XBV00084.VDF   : 8.11.186.112     2048 Bytes  16.11.2014 16:48:45
XBV00085.VDF   : 8.11.186.128     5120 Bytes  16.11.2014 22:48:45
XBV00086.VDF   : 8.11.186.130    56320 Bytes  16.11.2014 22:48:45
XBV00087.VDF   : 8.11.186.146    67584 Bytes  17.11.2014 06:42:20
XBV00088.VDF   : 8.11.186.162   108032 Bytes  17.11.2014 12:42:20
XBV00089.VDF   : 8.11.186.164     2048 Bytes  17.11.2014 12:42:20
XBV00090.VDF   : 8.11.186.180     8704 Bytes  17.11.2014 19:20:31
XBV00091.VDF   : 8.11.186.196    16896 Bytes  17.11.2014 19:20:31
XBV00092.VDF   : 8.11.186.214    19968 Bytes  17.11.2014 01:20:28
XBV00093.VDF   : 8.11.186.218    25088 Bytes  17.11.2014 01:20:28
XBV00094.VDF   : 8.11.186.222    41984 Bytes  18.11.2014 07:41:03
XBV00095.VDF   : 8.11.186.224    10240 Bytes  18.11.2014 13:41:02
XBV00096.VDF   : 8.11.186.226     9728 Bytes  18.11.2014 13:41:02
XBV00097.VDF   : 8.11.186.230     2048 Bytes  18.11.2014 13:41:02
XBV00098.VDF   : 8.11.186.246    27648 Bytes  18.11.2014 13:08:32
XBV00099.VDF   : 8.11.187.4      2048 Bytes  18.11.2014 13:08:32
XBV00100.VDF   : 8.11.187.22    22528 Bytes  18.11.2014 13:08:32
XBV00101.VDF   : 8.11.187.36     2048 Bytes  18.11.2014 13:08:32
XBV00102.VDF   : 8.11.187.50    18432 Bytes  18.11.2014 13:08:32
XBV00103.VDF   : 8.11.187.66    34816 Bytes  19.11.2014 13:08:32
XBV00104.VDF   : 8.11.187.68    44032 Bytes  19.11.2014 13:08:32
XBV00105.VDF   : 8.11.187.70     2048 Bytes  19.11.2014 13:08:32
LOCAL000.VDF   : 8.11.187.70 115000320 Bytes  19.11.2014 13:08:57
Engineversion  : 8.3.26.16 
AEVDF.DLL      : 8.3.1.6       133992 Bytes  20.08.2014 17:30:23
AESCRIPT.DLL   : 8.2.2.22      526248 Bytes  17.11.2014 12:42:19
AESCN.DLL      : 8.3.2.2       139456 Bytes  21.07.2014 15:15:28
AESBX.DLL      : 8.2.20.24    1409224 Bytes  08.05.2014 19:07:46
AERDL.DLL      : 8.2.1.16      743328 Bytes  29.10.2014 22:03:30
AEPACK.DLL     : 8.4.0.54      788392 Bytes  24.09.2014 17:49:52
AEOFFICE.DLL   : 8.3.1.6       350120 Bytes  17.11.2014 12:42:19
AEHEUR.DLL     : 8.1.4.1396   7772072 Bytes  17.11.2014 12:42:19
AEHELP.DLL     : 8.3.1.0       278728 Bytes  29.05.2014 16:05:50
AEGEN.DLL      : 8.1.7.34      453480 Bytes  06.11.2014 21:56:03
AEEXP.DLL      : 8.4.2.44      251808 Bytes  17.11.2014 12:42:19
AEEMU.DLL      : 8.1.3.4       399264 Bytes  07.08.2014 19:28:24
AEDROID.DLL    : 8.4.2.248     812968 Bytes  17.11.2014 12:42:19
AECORE.DLL     : 8.3.2.6       243712 Bytes  07.08.2014 19:28:23
AEBB.DLL       : 8.1.2.0        60448 Bytes  07.08.2014 19:28:23
AVWINLL.DLL    : 14.0.7.308     25904 Bytes  13.11.2014 10:35:36
AVPREF.DLL     : 14.0.7.308     52016 Bytes  13.11.2014 10:35:38
AVREP.DLL      : 14.0.7.308    220976 Bytes  13.11.2014 10:35:38
AVARKT.DLL     : 14.0.7.308    227632 Bytes  13.11.2014 10:35:36
AVEVTLOG.DLL   : 14.0.7.310    184112 Bytes  13.11.2014 10:35:37
SQLITE3.DLL    : 14.0.7.308    453936 Bytes  13.11.2014 10:35:52
AVSMTP.DLL     : 14.0.7.308     79096 Bytes  13.11.2014 10:35:39
NETNT.DLL      : 14.0.7.308     15152 Bytes  13.11.2014 10:35:51
RCIMAGE.DLL    : 14.0.7.308   4865328 Bytes  13.11.2014 10:35:36
RCTEXT.DLL     : 14.0.7.318     77048 Bytes  13.11.2014 10:35:36

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: AVGuardAsyncScan
Konfigurationsdatei...................: C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_54693735\guard_slideup.avp
Protokollierung.......................: standard
Primäre Aktion........................: Reparieren
Sekundäre Aktion......................: Quarantäne
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: aus
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: aus
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: ein
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: Vollständig

Beginn des Suchlaufs: Mittwoch, 19. November 2014  14:36

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '94' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '115' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '190' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLANExt.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvxdsync.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '142' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'mDNSResponder.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'btwdins.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'SkypeC2CAutoUpdateSvc.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'SkypeC2CPNRSvc.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'GfExperienceService.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvNetworkService.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'RichVideo.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'sftvsa.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'ImpWiFiSvc.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.ServiceHost.exe' - '130' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSvcM.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'sftlist.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'CVHSVC.EXE' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '223' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVCpl64.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPEnh.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'hkcmd.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxpers.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvBackend.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'Kies.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'PCCompanion.exe' - '132' Modul(e) wurden durchsucht
Durchsuche Prozess 'BTTray.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '106' Modul(e) wurden durchsucht
Durchsuche Prozess 'PCCompanionInfo.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'KiesTrayAgent.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'iTunesHelper.exe' - '83' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.Systray.exe' - '128' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvtray.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'iPodService.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'RunDll32.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'BtStackServer.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '120' Modul(e) wurden durchsucht
Durchsuche Prozess 'BluetoothHeadsetProxy.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '135' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'YCMMirage.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'srspremiumpanel_64.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'dmhkcore.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'WifiManager.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxext.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'CLMLSvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'Media+Player10Serv.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'WCScheduler.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'EasySpeedUpManager.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMS.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'SmartRestarter.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'UNS.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'MovieColorEnhancer.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'SSCKbdHk.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'SUPBackground.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbam.exe' - '93' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'FRST64(1).exe' - '94' Modul(e) wurden durchsucht
Durchsuche Prozess 'notepad.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '166' Modul(e) wurden durchsucht
Durchsuche Prozess 'a2emergencykit.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'prevhost.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'prevhost.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'NOTEPAD.EXE' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'plugin-container.exe' - '92' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_15_0_0_223.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_15_0_0_223.exe' - '88' Modul(e) wurden durchsucht
Durchsuche Prozess 'notepad.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'notepad.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'TrustedInstaller.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'wuauclt.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'revouninstaller.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '114' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '32' Modul(e) wurden durchsucht

Untersuchung der Systemdateien wird begonnen:
Signiert -> 'C:\windows\system32\svchost.exe'
Signiert -> 'C:\windows\system32\winlogon.exe'
Signiert -> 'C:\windows\explorer.exe'
Signiert -> 'C:\windows\system32\smss.exe'
Signiert -> 'C:\windows\system32\wininet.DLL'
Signiert -> 'C:\windows\system32\wsock32.DLL'
Signiert -> 'C:\windows\system32\ws2_32.DLL'
Signiert -> 'C:\windows\system32\services.exe'
Signiert -> 'C:\windows\system32\lsass.exe'
Signiert -> 'C:\windows\system32\csrss.exe'
Signiert -> 'C:\windows\system32\drivers\kbdclass.sys'
Signiert -> 'C:\windows\system32\spoolsv.exe'
Signiert -> 'C:\windows\system32\alg.exe'
Signiert -> 'C:\windows\system32\wuauclt.exe'
Signiert -> 'C:\windows\system32\advapi32.DLL'
Signiert -> 'C:\windows\system32\user32.DLL'
Signiert -> 'C:\windows\system32\gdi32.DLL'
Signiert -> 'C:\windows\system32\kernel32.DLL'
Signiert -> 'C:\windows\system32\ntdll.DLL'
Signiert -> 'C:\windows\system32\ntoskrnl.exe'
Signiert -> 'C:\windows\system32\drivers\beep.sys'
Signiert -> 'C:\windows\system32\ctfmon.exe'
Signiert -> 'C:\windows\system32\imm32.dll'
Signiert -> 'C:\windows\system32\dsound.dll'
Signiert -> 'C:\windows\system32\aclui.dll'
Signiert -> 'C:\windows\system32\msvcrt.dll'
Signiert -> 'C:\windows\system32\d3d9.dll'
Signiert -> 'C:\windows\system32\dnsapi.dll'
Signiert -> 'C:\windows\system32\mshtml.dll'
Signiert -> 'C:\windows\system32\regsvr32.exe'
Signiert -> 'C:\windows\system32\rundll32.exe'
Signiert -> 'C:\windows\system32\userinit.exe'
Signiert -> 'C:\windows\system32\reg.exe'
Signiert -> 'C:\windows\regedit.exe'
Die Systemdateien wurden durchsucht ('34' Dateien)

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\Users\Katharina\Downloads\FileOpenerSetup.exe'
C:\Users\Katharina\Downloads\FileOpenerSetup.exe
  [FUND]      Enthält Erkennungsmuster der Adware ADWARE/InstallCore.Gen7
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '51bf0c0e.qua' verschoben!


Ende des Suchlaufs: Mittwoch, 19. November 2014  14:37
Benötigte Zeit: 00:17 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

      0 Verzeichnisse wurden überprüft
   1155 Dateien wurden geprüft
      1 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      1 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
   1154 Dateien ohne Befall
     23 Archive wurden durchsucht
      0 Warnungen
      1 Hinweise

schrauber · 19.11.2014, 19:15

Du hast aber kein Revo geladen beim ersten Mal sondern auf Werbung geklickt, schau mal wie der Fund in Avira heißt.

Deinstalliere Iminent normal über Windows. Dann direkt weiter mit den 3 Tools.

Sybilla · 20.11.2014, 14:07

Hallo lieber Schrauber der Fund bei Avira ist

Code:

ATTFilter

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\Users\Katharina\Downloads\FileOpenerSetup.exe'
C:\Users\Katharina\Downloads\FileOpenerSetup.exe
  [FUND]      Enthält Erkennungsmuster der Adware ADWARE/InstallCore.Gen7
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '51bf0c0e.qua' verschoben!


Ende des Suchlaufs: Mittwoch, 19. November 2014  14:37
Benötigte Zeit: 00:17 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

      0 Verzeichnisse wurden überprüft
   1155 Dateien wurden geprüft
      1 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      1 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
   1154 Dateien ohne Befall
     23 Archive wurden durchsucht
      0 Warnungen
      1 Hinweise

Iminent kann ich auf meinem ganzen Rechner nur im Logfile von FRST Finden aber sonst weder in den Programmen noch im Remove Tool. Kann es sein, dass das mit der Quebles Toolbar zusammenhängt?

LG

Hallo lieber Schrauber, da ich Iminent in Zusammenhang mit den Quebles im Internet gefunden habe, habe ich die mal aus den Add Ons von Firefox entfernt /deinstalliert und dann den Registry CCCleaner über alles laufen lasse aber der Log zeigt immer noch Iminent an, den ich aber nirgendwo finden kann ;(. Weder unter Add.ons noch unter Windows Programme und auch nicht in der für 30Tage nun installierten Testversion von Revo Uninstaller. Auch der Pfad sagt mich nichts. Den habe ich nicht im Explorer,
Was sollte ich als nächstes tun

Vielen Dank!und viele Grüße

Sybilla

Anbei das FRST von heute der additional Teil

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-11-2014
Ran by Sybillaat 2014-11-20 13:48:27
Running from C:\Users\Sybilla\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)
BatteryLifeExtender (HKLM-x32\...\{FFD0E594-823B-4E2B-B680-720B3C852588}) (Version: 1.0.11 - Samsung)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)
Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
ChargeableUSB (HKLM-x32\...\{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}) (Version: 1.0.0.0 - SAMSUNG)
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3509 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
DVBViewer TERRATEC Edition (HKLM-x32\...\DVBViewer TERRATEC Edition_is1) (Version:  - CM&V)
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{8732818E-CA78-4ACB-B077-22311BF4C0E4}) (Version: 4.4.7 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.1.1 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
EasyFileShare (HKLM-x32\...\{EA76E65F-6679-495A-A8A6-42AD6602ED4C}) (Version: 1.0.11 - Samsung)
Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden
Fast Start (HKLM-x32\...\{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}) (Version: 2.2.0.1 - SAMSUNG)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
iCloud (HKLM\...\{2AAF09D5-4B3F-4975-B6A9-ECE2631FC942}) (Version: 4.0.5.20 - Apple Inc.)
Iminent (x32 Version: 6.32.41.0 - Iminent) Hidden <==== ATTENTION
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2622 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: 8.8.7.892 - Mobile Connection Manager)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.302.06.06.40 - Huawei Technologies Co.,Ltd)
Movie Color Enhancer (HKLM-x32\...\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Multimedia POP (HKLM-x32\...\{331ECF61-69AF-4F57-AC35-AFED610231C3}) (Version: 1.1 - )
MyFreeCodec (HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\...\MyFreeCodec) (Version:  - )
NOXON DAB MediaPlayer (HKLM-x32\...\{9117C289-7C22-441B-BF9A-5C4C66AC6C0C}) (Version: 1.0.10 - NOXON Media)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
PC Suite (HKLM-x32\...\PC Suite) (Version: 12.09.109.U8120D02SP02 - Huawei Technologies Co.,Ltd)
Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
PhoneShare (HKLM-x32\...\{3F50512F-53DF-46B1-8CCB-6C7E638CADD6}) (Version: 9.1.4 - Samsung)
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.36.1224.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6246 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 2.0.67.1 - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version:  - Samsung Electronics Co., Ltd.)
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.0.9 - Samsung)
Samsung Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.38 - Samsung)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.02.05.00:27 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.5.0 - Samsung Electronics Co., Ltd.)
Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Sony PC Companion 2.10.235 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.235 - Sony)
SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.0301 - SRS Labs, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.22.0 - Synaptics Incorporated)
TERRATEC T-Stick PLUS V86.001.1129.2011 (HKLM-x32\...\TERRATEC T-Stick PLUS) (Version: 86.001.1129.2011 - )
Tuning Tool (HKLM-x32\...\{E95D2E2E-992A-4B3B-895A-C651EBCAC458}) (Version: 1.1.0 - Telefónica o2 Germany GmbH & Co. OHG)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.0.82.0 - Intel)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7000 - Broadcom Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)
WildTangent ORB Game Console (x32 Version:  - WildTangent) Hidden
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WordCaptureX Pro (HKLM-x32\...\{139C1D95-9037-3AB3-F5F4-4A79BF6831EC}) (Version: 4.0.0 - Deskperience)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

15-11-2014 14:57:40 Windows Update
19-11-2014 14:03:52 Windows Update
19-11-2014 17:23:24 Windows Update
20-11-2014 12:34:11 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {124CA5D0-B907-4BD0-AD32-0881AEE75605} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2010-08-27] (Samsung Electronics)
Task: {133D85FF-8DC6-4B6F-81E5-109EAE019C57} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2010-11-17] (SEC)
Task: {23C739C8-C981-4BC8-95F9-F31EB906C709} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.)
Task: {3B2F730A-84E2-4A5F-80ED-6145AAA2F691} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-18] (Samsung Electronics. Co. Ltd.)
Task: {3ED517D8-75F0-4177-9BAF-1069C3C1A4EA} - System32\Tasks\{9C990F5D-88EE-43DC-BA02-819E4287B92D} => Firefox.exe hxxp://ui.skype.com/ui/0/6.2.73.106.456/de/abandoninstall?page=tsProgressBar
Task: {45BDED53-AFDD-46F0-86BB-C20C56DB4815} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {56D73D2F-B71B-42FC-BAF2-CABB7A0E9867} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)
Task: {5F27B28D-484E-4527-BA7F-9D0209EA3875} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6F6BB17D-05D0-41FB-8F06-FB7EA8D2EBA3} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-09-04] (SAMSUNG Electronics)
Task: {75D56FEC-6ABF-40D9-8C43-D5C22E0801BD} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-11-29] (Samsung Electronics Co., Ltd.)
Task: {7B73C2FD-BB98-473C-97D0-711C99E3E7D2} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2846612950-2864176646-3413132641-1001
Task: {A66AA4E2-0775-4E73-A9DB-97EA15CC4052} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink)
Task: {BB144633-A224-4AA6-A0D5-4D19C6FCA112} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe [2010-12-23] (Samsung Electronics Co., Ltd.)
Task: {C7064E37-0A1D-427E-B526-A6AB6F6E01B0} - System32\Tasks\SRS Premium Sound => C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exe [2010-11-15] (SRS Labs, Inc.)
Task: {C91D938D-3288-4836-8026-101ED00DE2D0} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {D25FC41A-0692-4126-8266-04990C8EA824} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-12-23] (Samsung Electronics Co., Ltd.)
Task: {DC672D82-28F9-45C8-B1CD-B5002CF0B795} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-12-23] (Samsung Electronics)
Task: {DC8C200F-2978-4CFC-8998-BDE8E1A62239} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2011-04-04 20:36 - 2008-06-05 00:53 - 00027648 _____ () C:\windows\System32\spd__l.dll
2011-04-04 05:52 - 2009-12-01 08:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-09-20 00:51 - 2014-09-14 00:48 - 00013120 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-09-20 00:52 - 2014-09-13 22:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-04-04 20:33 - 2010-12-17 01:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-03 14:40 - 2014-06-23 08:07 - 00113376 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2014-10-23 20:19 - 2014-10-23 20:19 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2011-04-04 20:36 - 2010-10-21 19:22 - 00709632 _____ () C:\windows\system32\SnMinDrv.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-20 00:51 - 2014-09-14 00:48 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2011-04-04 06:00 - 2010-07-05 11:42 - 00203776 _____ () C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll
2014-08-03 14:40 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-08-03 14:40 - 2013-09-13 10:02 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2014-11-13 01:20 - 2014-11-13 01:20 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-04-04 05:41 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
2011-04-04 06:04 - 2010-05-07 15:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2009-11-02 06:20 - 2009-11-02 06:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 06:23 - 2009-11-02 06:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-11-12 01:17 - 2014-11-12 01:17 - 16840880 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: BBSvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

========================= Accounts: ==========================

Administrator (S-1-5-21-2846612950-2864176646-3413132641-500 - Administrator - Disabled)
Gast (S-1-5-21-2846612950-2864176646-3413132641-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2846612950-2864176646-3413132641-1003 - Limited - Enabled)
Sybilla(S-1-5-21-2846612950-2864176646-3413132641-1001 - Administrator - Enabled) => C:\Users\Sybilla

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/20/2014 01:39:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/20/2014 01:31:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 33.1.0.5423, Zeitstempel: 0x545c0a59
Name des fehlerhaften Moduls: mozalloc.dll, Version: 33.1.0.5423, Zeitstempel: 0x545be5ee
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x1e40
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (11/19/2014 07:23:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/19/2014 06:48:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5117

Error: (11/19/2014 06:48:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5117

Error: (11/19/2014 06:48:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/19/2014 06:48:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4025

Error: (11/19/2014 06:48:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4025

Error: (11/19/2014 06:48:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/19/2014 06:48:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3027


System errors:
=============
Error: (11/20/2014 01:34:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070308 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB2965788)

Error: (11/20/2014 01:34:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070308 fehlgeschlagen: Update für Windows 7 für x64-basierte Systeme (KB2923545)

Error: (11/20/2014 01:34:23 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070308 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB2984981)

Error: (11/19/2014 03:04:11 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}

Error: (11/18/2014 10:32:01 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht.

Error: (11/17/2014 00:39:06 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\windows\System32\bcmihvsrv64.dll

Error: (11/17/2014 00:39:06 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\windows\System32\bcmihvsrv64.dll

Error: (11/17/2014 00:39:05 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\windows\System32\bcmihvsrv64.dll

Error: (11/17/2014 00:38:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Application Virtualization Client" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/17/2014 00:38:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Volumeschattenkopie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (11/20/2014 01:39:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/20/2014 01:31:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.1.0.5423545c0a59mozalloc.dll33.1.0.5423545be5ee80000003000014251e4001d004bd2f36a57eC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll1efa2d3c-70b1-11e4-ba5a-90a4de55ede2

Error: (11/19/2014 07:23:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/19/2014 06:48:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5117

Error: (11/19/2014 06:48:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5117

Error: (11/19/2014 06:48:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/19/2014 06:48:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4025

Error: (11/19/2014 06:48:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4025

Error: (11/19/2014 06:48:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/19/2014 06:48:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3027

PS seit gestern sagt mir mein Microsoft/Hotmail e-mail Account nun dauernd, dass es ein Problem mit dem Sicherheitszertifikat hat

schrauber · 20.11.2014, 19:23

Lass bitte die 3 Tools von oben laufen

Sybilla · 20.11.2014, 21:29

Hi Schrauber

am 17. fand AdwCleaner all diese Sachen. Die hat er zwar entfernt aber deshalb hatte ich Dir ja dann das FRST geschickt

Code:

ATTFilter

# AdwCleaner v4.101 - Bericht erstellt am 17/11/2014 um 00:31:43
# Aktualisiert 09/11/2014 von Xplode
# Database : 2014-11-16.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Sybilla - Sybilla-PC
# Gestartet von : C:\Users\Sybilla\Downloads\adwcleaner_4.101.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gefunden : C:\ProgramData\WPM
Ordner Gefunden : C:\Users\Sybilla\AppData\Roaming\337 Wallpaper

***** [ Tasks ] *****

Task Gefunden : Dealply
Task Gefunden : Desk 365 RunAsStdUser
Task Gefunden : DSite
Task Gefunden : Omiga Plus RunAsStdUser

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\Myfree Codec
Schlüssel Gefunden : [x64] HKCU\Software\Myfree Codec
Schlüssel Gefunden : HKLM\SOFTWARE\Myfree Codec
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0702826FCAC36EE52AC0441EEEEE2170
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1198E28F40C3E185E9958608554D4253
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14C66209FCA938858B9729645C666684
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15A073601B9AEC3549BE4A9314794615
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F7C80F9CE5CDF44E9AADDC99402534C
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\206AF45B775E3A445B3B2273827DA85F
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\225C3CBCEB850204D860A6C7CC7724AF
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2310FC151CD4F185798FA0996B3524D7
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\28572D2E2DE533256AC6B560EA573C22
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29C79786B109AC443B0DC7BFD61B1896
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2ABB56EABB920EB59B04BDDD26A62083
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2DABA02DFED47E352A2FA2EBDD6F6187
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\311567B4A9A002050BB9423FD73FB880
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\373FCED70D7F84E5FB5F3F7B76BEE024
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3BE992C130B235E53A2937391FDCA35B
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3DA5F64B3483DE549947A9164ACBAD21
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3ED93605BB9B6635E9D0D86615AF31F1
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4759B017032BA185F9BA6F7DBC95A2D4
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4A78ABCBB54E46E5482A3EE0AD66C39E
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4F9E947B6B895EB5A86757FC5D3DB862
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4FEEA83BF72B97E43A2DF0EE4BE4F261
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\509EC7EFB89B7D942997574AB14037A4
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50A730A9A3A61BF5BA70CA8A3B7C133B
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\51A95A1D4CDE4F958A9451FBB39BF54A
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\536133807DE80465BA6CD0A9742B7DE5
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E25036E68895D45B95E72D1C3C58C74
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60ECC80C54085B141A40437A96CA2618
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60FD8CD5BE007315CA3B5C7E41F24017
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\618E7D05458C4F257909ED9C8CDC0D66
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\621C21014D3C152529E2460FA6304EE3
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6241FF6F317CABD4EBBEE0DE9076BD94
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\636B9C23C79154B57AB561F39A139BFD
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65AAF0F0CB7F0B45F900FDF19CEAAF2B
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6879A5E348601C45986308CA84958E94
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6A6F3B7A9805E1F5492A1020EEDF2341
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B1F5D204E4EEB342A5AD1D7E60D61BF
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7005A2A4DCF9DD7548137AB17E3A3AF3
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\712EAF07EE73CC65C822CC3BAE3B2483
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75FF6D97AF9FC004A9521D4B83FA6321
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7947B301B2446E752A3FE06EAD7D26B5
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7987CE52D13E16258B0E1E3DB1BB0974
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7BEED197C514FDA53901AE8DD8EF0891
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DFDCF03D46C34159BDE29FBDBF1ACF5
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\87EC9ACEAFE8ECD52A529663CD35213F
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\890F436B85B790A55A582B7307DA12CE
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C13DA6755F685B529615C8E92B3CA39
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D07CD9CB3E6BE652872BF06A1CCA782
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90841B1FC98200349925C88999866F17
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\94194FDD4DF523E53A888D65722A135D
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95266D07D008D2E4E9B6F8E0DD15432A
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4223BBC9438CAD49BBE10B4E344B1DD
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A72F23B1D745C27508518132197BC982
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A89E2B6FB14D8275DA63D075171DA184
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A9C43CD4001E9E4518B274AF9A0EFDA9
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AABA081CF7F19915FBB80B3BAF47CE63
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AC2A0FFD0A1686D53A4E24D6E96949E4
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AE5BDB2750259915D8442D4591A7717B
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1A79C71D5DC1C150B76B6ED11195DFC
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6D497DB33974935488761F7C4C3D755
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B752EF3300008394886C402CC27B474F
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B8C8BCC1206978D51A8B9EECBF806C53
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAD3576CEA646895B962F94754612791
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BB4091512C8F4295E99CE2D061ED2020
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE6BBC9A31531F598794A62120B51C7
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C19162788CA4D235E829F88E2F771567
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C71F07DA356B66B5484A8E7F2ADEB7DC
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C96AD15EE8E887B56BAF2136A9088503
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C9E6B66ECC49D155888399C51D05C49E
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA360F24F0B214744BE40657FDA0B727
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB13D869D7D092348847B7481BB59E27
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE85F265816AE2D4E9B73C3E207E679C
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5389AEEA4A1E20428D045E86BCF643B
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5B62BB7BC607FB539585E2B7B6AFD16
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB027F01D4D53765C8E4FBE7DB77E07E
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DC2EB492393411F5ABE8ED13C59FBF20
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDA2534BD056D1F44B6EC96AAA7F1F6E
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDCA763D4C48A105086B4CCCEE78043F
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DEF7558C7CD27EF46AF802AFBE402675
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E05B987540A9E2849AAF9E5B06C27DA8
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E09F4A6B9D2A08B599AE9E38BFC93CD6
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E27B6535D0D94A24E91047C7D86F27BC
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E45D171E075A5425CBACF6631A45FA39
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E513C2076D90AD04F888BD762143F191
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E8F4C985459564F5B8DCFF2B3C7EBD27
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E96E33222BAC06B57A1FA9D72951C945
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EAA46CE9007F70A5CAFA5F26E5DDEBE5
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE43FF091A8714A599F33EF2533FB59A
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE790015CF30DAA569960905FF1651A0
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EEB44C47185BD304D80FDF5A4BBE8F54
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F214EB834D2EC474CA76C1CDE306CF3A
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F25491036D0FA5D5FA6742F5742F151A
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2E0D3DD9E5E4B74CA43BCE77815E287
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F4D1BA8B482D9734E943EE260A7ADEF2
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F6704141BAAF6884785EC6843143D6A7
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7507D4D4C310125E9A22BD909A41FB6
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F79C21D785419125595AC59458A6142D
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA15C90F092A60F53A4E0F88CED02968
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA1CF130B3D58B553833ACB6BE8AFAD4
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB0F1A18E4F0DBD509A42F4D4C05C02A
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FD17ED194F1C2B457B4F6EF4AE8DEAF3
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [lyrix@lyrixeeker.co]

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v33.1 (x86 de)


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [4319 octets] - [24/08/2013 15:40:59]
AdwCleaner[R1].txt - [2326 octets] - [01/09/2013 08:41:20]
AdwCleaner[R2].txt - [1415 octets] - [29/09/2013 13:10:11]
AdwCleaner[R3].txt - [3525 octets] - [18/11/2013 21:28:56]
AdwCleaner[R4].txt - [3622 octets] - [02/05/2014 18:22:14]
AdwCleaner[R5].txt - [1671 octets] - [02/05/2014 18:31:00]
AdwCleaner[R6].txt - [16929 octets] - [17/11/2014 00:31:43]
AdwCleaner[S0].txt - [4085 octets] - [24/08/2013 15:42:01]
AdwCleaner[S1].txt - [2094 octets] - [01/09/2013 08:41:43]
AdwCleaner[S2].txt - [1476 octets] - [29/09/2013 13:14:21]
AdwCleaner[S3].txt - [3586 octets] - [18/11/2013 21:30:45]
AdwCleaner[S4].txt - [3683 octets] - [02/05/2014 18:28:08]
AdwCleaner[S5].txt - [1732 octets] - [02/05/2014 18:31:52]

########## EOF - C:\AdwCleaner\AdwCleaner[R6].txt - [17350 octets] ##########

und

Code:

ATTFilter

# AdwCleaner v4.101 - Bericht erstellt am 17/11/2014 um 00:38:39
# Aktualisiert 09/11/2014 von Xplode
# Database : 2014-11-16.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Sybilla - Sybilla-PC
# Gestartet von : C:\Users\Sybilla\Downloads\adwcleaner_4.101.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\Users\Sybilla\AppData\Roaming\337 Wallpaper

***** [ Tasks ] *****

Task Gelöscht : Dealply
Task Gelöscht : Desk 365 RunAsStdUser
Task Gelöscht : DSite
Task Gelöscht : Omiga Plus RunAsStdUser

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [lyrix@lyrixeeker.co]
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0702826FCAC36EE52AC0441EEEEE2170
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1198E28F40C3E185E9958608554D4253
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14C66209FCA938858B9729645C666684
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15A073601B9AEC3549BE4A9314794615
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F7C80F9CE5CDF44E9AADDC99402534C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\206AF45B775E3A445B3B2273827DA85F
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\225C3CBCEB850204D860A6C7CC7724AF
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2310FC151CD4F185798FA0996B3524D7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\28572D2E2DE533256AC6B560EA573C22
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29C79786B109AC443B0DC7BFD61B1896
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2ABB56EABB920EB59B04BDDD26A62083
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2DABA02DFED47E352A2FA2EBDD6F6187
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\311567B4A9A002050BB9423FD73FB880
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\373FCED70D7F84E5FB5F3F7B76BEE024
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3BE992C130B235E53A2937391FDCA35B
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3DA5F64B3483DE549947A9164ACBAD21
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3ED93605BB9B6635E9D0D86615AF31F1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4759B017032BA185F9BA6F7DBC95A2D4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4A78ABCBB54E46E5482A3EE0AD66C39E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4F9E947B6B895EB5A86757FC5D3DB862
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4FEEA83BF72B97E43A2DF0EE4BE4F261
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\509EC7EFB89B7D942997574AB14037A4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50A730A9A3A61BF5BA70CA8A3B7C133B
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\51A95A1D4CDE4F958A9451FBB39BF54A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\536133807DE80465BA6CD0A9742B7DE5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E25036E68895D45B95E72D1C3C58C74
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60ECC80C54085B141A40437A96CA2618
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60FD8CD5BE007315CA3B5C7E41F24017
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\618E7D05458C4F257909ED9C8CDC0D66
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\621C21014D3C152529E2460FA6304EE3
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6241FF6F317CABD4EBBEE0DE9076BD94
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\636B9C23C79154B57AB561F39A139BFD
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65AAF0F0CB7F0B45F900FDF19CEAAF2B
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6879A5E348601C45986308CA84958E94
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6A6F3B7A9805E1F5492A1020EEDF2341
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B1F5D204E4EEB342A5AD1D7E60D61BF
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7005A2A4DCF9DD7548137AB17E3A3AF3
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\712EAF07EE73CC65C822CC3BAE3B2483
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75FF6D97AF9FC004A9521D4B83FA6321
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7947B301B2446E752A3FE06EAD7D26B5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7987CE52D13E16258B0E1E3DB1BB0974
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7BEED197C514FDA53901AE8DD8EF0891
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DFDCF03D46C34159BDE29FBDBF1ACF5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\87EC9ACEAFE8ECD52A529663CD35213F
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\890F436B85B790A55A582B7307DA12CE
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C13DA6755F685B529615C8E92B3CA39
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D07CD9CB3E6BE652872BF06A1CCA782
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90841B1FC98200349925C88999866F17
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\94194FDD4DF523E53A888D65722A135D
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95266D07D008D2E4E9B6F8E0DD15432A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4223BBC9438CAD49BBE10B4E344B1DD
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A72F23B1D745C27508518132197BC982
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A89E2B6FB14D8275DA63D075171DA184
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A9C43CD4001E9E4518B274AF9A0EFDA9
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AABA081CF7F19915FBB80B3BAF47CE63
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AC2A0FFD0A1686D53A4E24D6E96949E4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AE5BDB2750259915D8442D4591A7717B
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1A79C71D5DC1C150B76B6ED11195DFC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6D497DB33974935488761F7C4C3D755
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B752EF3300008394886C402CC27B474F
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B8C8BCC1206978D51A8B9EECBF806C53
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAD3576CEA646895B962F94754612791
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BB4091512C8F4295E99CE2D061ED2020
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE6BBC9A31531F598794A62120B51C7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C19162788CA4D235E829F88E2F771567
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C71F07DA356B66B5484A8E7F2ADEB7DC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C96AD15EE8E887B56BAF2136A9088503
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C9E6B66ECC49D155888399C51D05C49E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA360F24F0B214744BE40657FDA0B727
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB13D869D7D092348847B7481BB59E27
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE85F265816AE2D4E9B73C3E207E679C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5389AEEA4A1E20428D045E86BCF643B
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5B62BB7BC607FB539585E2B7B6AFD16
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB027F01D4D53765C8E4FBE7DB77E07E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DC2EB492393411F5ABE8ED13C59FBF20
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDA2534BD056D1F44B6EC96AAA7F1F6E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDCA763D4C48A105086B4CCCEE78043F
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DEF7558C7CD27EF46AF802AFBE402675
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E05B987540A9E2849AAF9E5B06C27DA8
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E09F4A6B9D2A08B599AE9E38BFC93CD6
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E27B6535D0D94A24E91047C7D86F27BC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E45D171E075A5425CBACF6631A45FA39
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E513C2076D90AD04F888BD762143F191
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E8F4C985459564F5B8DCFF2B3C7EBD27
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E96E33222BAC06B57A1FA9D72951C945
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EAA46CE9007F70A5CAFA5F26E5DDEBE5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE43FF091A8714A599F33EF2533FB59A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE790015CF30DAA569960905FF1651A0
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EEB44C47185BD304D80FDF5A4BBE8F54
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F214EB834D2EC474CA76C1CDE306CF3A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F25491036D0FA5D5FA6742F5742F151A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2E0D3DD9E5E4B74CA43BCE77815E287
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F4D1BA8B482D9734E943EE260A7ADEF2
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F6704141BAAF6884785EC6843143D6A7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7507D4D4C310125E9A22BD909A41FB6
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F79C21D785419125595AC59458A6142D
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA15C90F092A60F53A4E0F88CED02968
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA1CF130B3D58B553833ACB6BE8AFAD4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB0F1A18E4F0DBD509A42F4D4C05C02A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FD17ED194F1C2B457B4F6EF4AE8DEAF3
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v33.1 (x86 de)


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [4319 octets] - [24/08/2013 15:40:59]
AdwCleaner[R1].txt - [2326 octets] - [01/09/2013 08:41:20]
AdwCleaner[R2].txt - [1415 octets] - [29/09/2013 13:10:11]
AdwCleaner[R3].txt - [3525 octets] - [18/11/2013 21:28:56]
AdwCleaner[R4].txt - [3622 octets] - [02/05/2014 18:22:14]
AdwCleaner[R5].txt - [1671 octets] - [02/05/2014 18:31:00]
AdwCleaner[R6].txt - [17867 octets] - [17/11/2014 00:31:43]
AdwCleaner[S0].txt - [4085 octets] - [24/08/2013 15:42:01]
AdwCleaner[S1].txt - [2094 octets] - [01/09/2013 08:41:43]
AdwCleaner[S2].txt - [1476 octets] - [29/09/2013 13:14:21]
AdwCleaner[S3].txt - [3586 octets] - [18/11/2013 21:30:45]
AdwCleaner[S4].txt - [3683 octets] - [02/05/2014 18:28:08]
AdwCleaner[S5].txt - [1732 octets] - [02/05/2014 18:31:52]
AdwCleaner[S6].txt - [17300 octets] - [17/11/2014 00:38:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [17361 octets] ##########

jetzt zeigt er das

Code:

ATTFilter

# AdwCleaner v4.101 - Bericht erstellt am 20/11/2014 um 14:44:12
# Aktualisiert 09/11/2014 von Xplode
# Database : 2014-11-16.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Sybilla - Sybilla-PC
# Gestartet von : C:\Users\Sybilla\Downloads\adwcleaner_4.101(2).exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v33.1.1 (x86 de)


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [4319 octets] - [24/08/2013 15:40:59]
AdwCleaner[R1].txt - [2326 octets] - [01/09/2013 08:41:20]
AdwCleaner[R2].txt - [1415 octets] - [29/09/2013 13:10:11]
AdwCleaner[R3].txt - [3525 octets] - [18/11/2013 21:28:56]
AdwCleaner[R4].txt - [3622 octets] - [02/05/2014 18:22:14]
AdwCleaner[R5].txt - [1671 octets] - [02/05/2014 18:31:00]
AdwCleaner[R6].txt - [17867 octets] - [17/11/2014 00:31:43]
AdwCleaner[R7].txt - [1663 octets] - [19/11/2014 18:34:53]
AdwCleaner[R8].txt - [1164 octets] - [20/11/2014 14:44:12]
AdwCleaner[S0].txt - [4085 octets] - [24/08/2013 15:42:01]
AdwCleaner[S1].txt - [2094 octets] - [01/09/2013 08:41:43]
AdwCleaner[S2].txt - [1476 octets] - [29/09/2013 13:14:21]
AdwCleaner[S3].txt - [3586 octets] - [18/11/2013 21:30:45]
AdwCleaner[S4].txt - [3683 octets] - [02/05/2014 18:28:08]
AdwCleaner[S5].txt - [1732 octets] - [02/05/2014 18:31:52]
AdwCleaner[S6].txt - [17874 octets] - [17/11/2014 00:38:39]
AdwCleaner[S7].txt - [1717 octets] - [19/11/2014 19:21:22]

########## EOF - C:\AdwCleaner\AdwCleaner[R8].txt - [1705 octets] ##########

und

Code:

ATTFilter

# AdwCleaner v4.101 - Bericht erstellt am 20/11/2014 um 14:45:32
# Aktualisiert 09/11/2014 von Xplode
# Database : 2014-11-16.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Sybilla- Sybilla-PC
# Gestartet von : C:\Users\Sybilla\Downloads\adwcleaner_4.101(2).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v33.1.1 (x86 de)


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [4319 octets] - [24/08/2013 15:40:59]
AdwCleaner[R1].txt - [2326 octets] - [01/09/2013 08:41:20]
AdwCleaner[R2].txt - [1415 octets] - [29/09/2013 13:10:11]
AdwCleaner[R3].txt - [3525 octets] - [18/11/2013 21:28:56]
AdwCleaner[R4].txt - [3622 octets] - [02/05/2014 18:22:14]
AdwCleaner[R5].txt - [1671 octets] - [02/05/2014 18:31:00]
AdwCleaner[R6].txt - [17867 octets] - [17/11/2014 00:31:43]
AdwCleaner[R7].txt - [1663 octets] - [19/11/2014 18:34:53]
AdwCleaner[R8].txt - [1785 octets] - [20/11/2014 14:44:12]
AdwCleaner[S0].txt - [4085 octets] - [24/08/2013 15:42:01]
AdwCleaner[S1].txt - [2094 octets] - [01/09/2013 08:41:43]
AdwCleaner[S2].txt - [1476 octets] - [29/09/2013 13:14:21]
AdwCleaner[S3].txt - [3586 octets] - [18/11/2013 21:30:45]
AdwCleaner[S4].txt - [3683 octets] - [02/05/2014 18:28:08]
AdwCleaner[S5].txt - [1732 octets] - [02/05/2014 18:31:52]
AdwCleaner[S6].txt - [17874 octets] - [17/11/2014 00:38:39]
AdwCleaner[S7].txt - [1717 octets] - [19/11/2014 19:21:22]
AdwCleaner[S8].txt - [1706 octets] - [20/11/2014 14:45:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S8].txt - [1766 octets] ##########

Malware hatte im August jede Menge Iminent gefunden und in die Quarantäne verschoben die sehe ich dort kann aber vom August das Log nicht mehr aufrufen.

das heutige Protokoll zeigt keine Funde soweit ich es erkennen kann

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 20.11.2014
Suchlauf-Zeit: 14:59:43
Logdatei: Malwarebytes.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.11.20.04
Rootkit Datenbank: v2014.11.18.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Sybilla

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 331611
Verstrichene Zeit: 8 Min, 24 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

und JRT ergab

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 7 Home Premium x64
Ran by Sybilla on 20.11.2014 at 14:18:46,72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
Successfully deleted: [Empty Folder] C:\Users\Sybilla\appdata\local\{178A801A-45DB-4FDF-82E9-79B7DDDCF8DF}
Successfully deleted: [Empty Folder] C:\Users\Sybilla\appdata\local\{4BF15B45-B3A4-4689-873E-EB6372B6E706}
Successfully deleted: [Empty Folder] C:\Users\Sybilla\appdata\local\{54076632-D856-449D-B36D-19AD08CF744E}
Successfully deleted: [Empty Folder] C:\Users\Sybilla\appdata\local\{5D38FDB9-A256-4B58-BB21-D4B7F1688EF7}
Successfully deleted: [Empty Folder] C:\Users\Sybilla\appdata\local\{67870D2C-2C34-4F95-A64B-2C09C63D7727}
Successfully deleted: [Empty Folder] C:\Users\Sybilla\appdata\local\{9D8F22A9-4205-436F-A7DA-D065F21B317F}
Successfully deleted: [Empty Folder] C:\Users\Sybilla\appdata\local\{AC5B3601-C86D-4856-877E-546754E70A00}
Successfully deleted: [Empty Folder] C:\Users\Sybilla\appdata\local\{F3B4FCE0-3C1F-42C8-AF3B-D251962BEDF2}



~~~ FireFox

Emptied folder: C:\Users\Sybilla\AppData\Roaming\mozilla\firefox\profiles\4i4iuocq.default\minidumps [128 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.11.2014 at 14:22:28,48
End of JRT log

aber das FRST zeigt den Iminent immer noch an obwohl ich nun auch mal den Registry Cleaner habe darüberlaufen lassen.

Dafür geht mein e.MAil wieder ohne Zertifikatsanfragen nachdem ich die Datei cert8.db gelöscht und den Explorer neu gestartet hatte.

Ich hatte auch schon öfters so nervige Toolbars und Banner die einem mit Alarm überschütten

und nicht mehr weg gehen und einmal hat es mir mein ganzes Profil zerhauen

aber das habe auch gleich wieder deinstalliert. Aber nun hat AdwCleaner auch am 17. ja jede Menge entsorgt.

Auch in der Explorersuche kann ich Iminent allerdings nur in den Logfiles vom FRST und im Log vom Adwcleaner - auch vom August - finden, der da aber als gelöscht steht.

Hoffe Du kannst mit den ganzen Berichten etwas anfangen.

Schönen Abend und viele Grüße
Sybilla

schrauber · 21.11.2014, 17:28

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Sybilla · 24.11.2014, 02:56

irgendwas ist da schief gelaufen nach 9 STuden Scan kann ich Eset unter Programmen nicht finden der Deinstaller hat vielleicht funktioniert eine Log war unter dem Programm nicht das war zumindest das "Ergebnis" des Suchlaufs

Code:

ATTFilter

C:\Users\Sybilla\AppData\Local\nstDA24.tmp	Win32/AnyProtect.E evtl. unerwünschte Anwendung
C:\Users\Sybilla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TP5CI7M6\FirefoxSetup.exe	Variante von Win32/InstallCore.PL evtl. unerwünschte Anwendung
C:\Users\Sybilla\AppData\Local\Temp\ICReinstall_FirefoxSetup.exe	Variante von Win32/InstallCore.PL evtl. unerwünschte Anwendung

die aber nun noch da sind

Was mache ich nun lieber Schrauber?

Vielen Dank
Sybilla

schrauber · 24.11.2014, 20:17

Das sind nur Tempfiles. Mach bitte den Rest von oben

Sybilla · 25.11.2014, 19:37

ok vielen Dank

hier das Log vom Security Check

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.90  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 15.0.0.223  
 Adobe Reader XI  
 Mozilla Firefox (33.1.1) 
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

und das neue FRST Log + Txt

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014 01
Ran by Sybilla (administrator) on Sybilla-PC on 25-11-2014 19:33:59
Running from C:\Users\Sybilla\Downloads
Loaded Profile: Sybilla (Available profiles: Sybilla)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Telefónica) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\SamsungFastStart\SmartRestarter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Farbar) C:\Users\Sybilla\Downloads\FRST64(4).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-17] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818856 2011-08-25] (Synaptics Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\...\MountPoints2: {0b14ba07-e9f0-11e1-878a-90a4de55ede2} - E:\PcOptions.exe
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\...\MountPoints2: {0b14ba0c-e9f0-11e1-878a-90a4de55ede2} - E:\PcOptions.exe
HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\...\MountPoints2: {913445b8-2919-11e4-9cc1-90a4de55ede2} - E:\AutoRun.exe
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [174856 2014-09-14] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [156840 2014-09-14] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [156840 2014-09-14] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2846612950-2864176646-3413132641-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.quebles.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Sybilla\AppData\Roaming\Mozilla\Firefox\Profiles\4i4iuocq.default
FF Homepage: www.msn.de
FF NetworkProxy: "ftp", "108.165.33.10"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "108.165.33.10"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "108.165.33.10"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "108.165.33.10"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: German Dictionary - C:\Users\Sybilla\AppData\Roaming\Mozilla\Firefox\Profiles\4i4iuocq.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-06-08]
FF Extension: WOT - C:\Users\Sybilla\AppData\Roaming\Mozilla\Firefox\Profiles\4i4iuocq.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: DownloadHelper - C:\Users\Sybilla\AppData\Roaming\Mozilla\Firefox\Profiles\4i4iuocq.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-12]
FF Extension: Stealthy - C:\Users\Sybilla\AppData\Roaming\Mozilla\Firefox\Profiles\4i4iuocq.default\Extensions\stealthyextension@gmail.com.xpi [2013-08-24]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-11-13]

Chrome: 
=======
CHR Profile: C:\Users\Sybilla\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (BlockAndSurf) - C:\Users\Sybilla\AppData\Local\Google\Chrome\User Data\Default\Extensions\lleebjehfemndnnddeljcileaifndhfj [2014-05-02]
CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\Deskperience\Word Capture\wcxChrome.crx [2010-07-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-13] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed]
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [201344 2012-01-10] (Telefónica)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\smhwadb.sys [31744 2009-12-25] (Google Inc)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2014-11-17] (Emsisoft GmbH)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2007-08-09] (Huawei Tech. Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [113792 2009-06-22] (Huawei Technologies Co., Ltd.)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-20] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 smhwdev; C:\Windows\System32\DRIVERS\smhwdev.sys [114432 2010-01-14] (Huawei Technologies Co., Ltd.)
S3 smhwser; C:\Windows\System32\DRIVERS\smhwser.sys [122624 2010-02-05] (QUALCOMM Incorporated)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-25 19:31 - 2014-11-25 19:31 - 02118144 _____ (Farbar) C:\Users\Sybilla\Downloads\FRST64(4).exe
2014-11-25 19:23 - 2014-11-25 19:23 - 00854414 _____ () C:\Users\Sybilla\Downloads\SecurityCheck(1).exe
2014-11-24 02:28 - 2014-11-24 02:28 - 00000403 _____ () C:\Users\Sybilla\Downloads\eset22.txt
2014-11-23 14:57 - 2014-11-23 14:57 - 00854414 _____ () C:\Users\Sybilla\Downloads\SecurityCheck.exe
2014-11-23 14:53 - 2014-11-23 14:53 - 02347384 _____ (ESET) C:\Users\Sybilla\Downloads\esetsmartinstaller_deu.exe
2014-11-23 14:05 - 2014-11-23 14:05 - 02118144 _____ (Farbar) C:\Users\Sybilla\Downloads\FRST64(3).exe
2014-11-20 21:11 - 2014-11-20 21:11 - 00001211 _____ () C:\Malwarebytes.txt
2014-11-20 19:54 - 2014-11-20 19:54 - 00000000 ____D () C:\Users\Sybilla\AppData\Local\Apps\2.0
2014-11-20 14:59 - 2014-11-20 14:59 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-20 14:58 - 2014-11-20 14:58 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-20 14:58 - 2014-11-20 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-20 14:58 - 2014-11-20 14:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-20 14:58 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-11-20 14:58 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-11-20 14:58 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-11-20 14:56 - 2014-11-20 14:56 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Sybilla\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-20 14:46 - 2014-11-24 20:14 - 00003790 _____ () C:\windows\PFRO.log
2014-11-20 14:42 - 2014-11-20 14:42 - 02140160 _____ () C:\Users\Sybilla\Downloads\adwcleaner_4.101(2).exe
2014-11-20 14:37 - 2014-11-20 14:37 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-20 14:37 - 2014-11-20 14:37 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-20 14:37 - 2014-11-20 14:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-20 14:36 - 2014-11-20 14:36 - 00244392 _____ () C:\Users\Sybilla\Downloads\Firefox Setup Stub 33.1.1.exe
2014-11-20 14:35 - 2014-11-20 14:35 - 00001130 _____ () C:\Users\Sybilla\Desktop\Continue Firefox Installation.lnk
2014-11-20 14:22 - 2014-11-20 14:22 - 00001718 _____ () C:\Users\Sybilla\Desktop\JRT.txt
2014-11-20 14:18 - 2014-11-20 14:18 - 00000000 ____D () C:\windows\ERUNT
2014-11-20 14:16 - 2014-11-20 14:16 - 01707532 _____ (Thisisu) C:\Users\Sybilla\Downloads\JRT.exe
2014-11-20 13:47 - 2014-11-20 13:47 - 02117120 _____ (Farbar) C:\Users\Sybilla\Downloads\FRST64(2).exe
2014-11-20 13:45 - 2014-11-20 13:45 - 01108992 _____ (Farbar) C:\Users\Sybilla\Downloads\FRST.exe
2014-11-20 13:37 - 2014-11-24 20:14 - 00001008 _____ () C:\windows\setupact.log
2014-11-20 13:37 - 2014-11-20 13:37 - 00000000 _____ () C:\windows\setuperr.log
2014-11-20 13:28 - 2014-11-20 13:28 - 03848048 _____ (Piriform Ltd) C:\Users\Sybilla\Downloads\ccsetup419_slim.exe
2014-11-20 13:26 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-11-20 13:26 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-11-20 13:26 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-11-20 13:26 - 2014-05-08 10:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-11-19 19:29 - 2014-11-19 19:29 - 02998656 _____ (Enigma Software Group USA, LLC.) C:\Users\Sybilla\Downloads\SpyHunter-Installer.exe
2014-11-19 18:34 - 2014-11-19 18:34 - 02140160 _____ () C:\Users\Sybilla\Downloads\AdwCleaner_4.101(1).exe
2014-11-19 18:23 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2014-11-19 18:23 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-11-19 18:23 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-11-19 18:23 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2014-11-19 18:23 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2014-11-19 18:23 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2014-11-19 18:23 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2014-11-19 18:23 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2014-11-19 18:23 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll
2014-11-19 18:23 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll
2014-11-19 18:23 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2014-11-19 18:23 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2014-11-19 18:23 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2014-11-19 18:23 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-11-19 18:23 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2014-11-19 18:23 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-11-19 18:23 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2014-11-19 18:23 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys
2014-11-19 18:23 - 2012-08-23 15:08 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbGD.sys
2014-11-19 18:23 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpendp_winip.dll
2014-11-19 18:23 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\rdpendp_winip.dll
2014-11-19 14:40 - 2014-11-19 14:40 - 00001077 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-11-19 14:40 - 2014-11-19 14:40 - 00000000 ____D () C:\Users\Sybilla\AppData\Local\VS Revo Group
2014-11-19 14:40 - 2014-11-19 14:40 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-11-19 14:40 - 2014-11-19 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-11-19 14:40 - 2014-11-19 14:40 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-11-19 14:40 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\windows\system32\Drivers\revoflt.sys
2014-11-19 14:39 - 2014-11-19 14:39 - 10691640 _____ (VS Revo Group ) C:\Users\Sybilla\Downloads\RevoUninProSetup.exe
2014-11-19 14:31 - 2014-11-19 15:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-11-19 14:31 - 2014-11-19 14:31 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sybilla\Downloads\revosetup95.exe
2014-11-19 14:31 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-19 14:31 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-11-19 14:31 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-11-19 14:31 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2014-11-17 16:02 - 2014-11-17 18:05 - 00000000 ____D () C:\EEK
2014-11-17 16:02 - 2014-11-17 16:02 - 00000743 _____ () C:\Users\Sybilla\Desktop\Start Emsisoft Emergency Kit.lnk
2014-11-17 15:57 - 2014-11-17 15:58 - 158270864 _____ () C:\Users\Sybilla\Downloads\EmsisoftEmergencyKit.exe
2014-11-17 10:56 - 2014-11-17 10:56 - 02117120 _____ (Farbar) C:\Users\Sybilla\Downloads\FRST64(1).exe
2014-11-17 00:31 - 2014-11-17 00:31 - 02140160 _____ () C:\Users\Sybilla\Downloads\adwcleaner_4.101.exe
2014-11-13 22:10 - 2014-11-13 22:10 - 00000000 __SHD () C:\Users\Sybilla\AppData\Local\EmieBrowserModeList
2014-11-13 01:20 - 2014-11-20 14:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-11 20:42 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-11-11 20:42 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-11-11 20:42 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-11-11 20:42 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-11-11 20:42 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-11-11 20:42 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-11-11 20:42 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-11-11 20:42 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-11-11 20:42 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-11-11 20:42 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-11-11 20:42 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-11-11 20:42 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-11-11 20:42 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-11-11 20:42 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-11-11 20:42 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-11-11 20:42 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-11-11 20:42 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-11-11 20:42 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-11-11 20:42 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-11-11 20:42 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-11-11 20:42 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-11-11 20:42 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-11-11 20:42 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-11-11 20:42 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-11-11 20:42 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-11-11 20:42 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 20:42 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-11-11 20:42 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-11-11 20:42 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-11-11 20:42 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-11-11 20:42 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-11-11 20:42 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-11-11 20:42 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-11-11 20:42 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-11-11 20:42 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-11-11 20:42 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-11-11 20:42 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 20:42 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-11-11 20:42 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-11-11 20:42 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-11-11 20:42 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-11-11 20:42 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-11-11 20:42 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-11-11 20:42 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-11-11 20:42 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-11-11 20:42 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-11-11 20:42 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-11-11 20:42 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-11-11 20:42 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-11-11 20:42 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-11-11 20:42 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-11-11 20:42 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-11-11 20:42 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-11-11 20:42 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-11-11 20:42 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-11-11 20:42 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-11-11 20:42 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-11-11 20:42 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-11-11 20:42 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-11-11 20:42 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-11-11 20:42 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-11-11 20:42 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-11-11 20:42 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-11-11 20:42 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-11-11 20:42 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-11-11 20:42 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-11-11 20:42 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2014-11-11 20:42 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2014-11-11 20:41 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-11-11 20:41 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-11-11 20:41 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-11-11 20:41 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-11-11 20:41 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-11-11 20:41 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-11-11 20:41 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-11-11 20:41 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-11-11 20:41 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-11-11 20:41 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-11-11 20:41 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-11-11 20:41 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-11-11 20:41 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2014-11-11 20:41 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
2014-11-11 20:40 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-11-11 20:40 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-11-11 20:40 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-11-11 20:40 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2014-11-11 20:40 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-11-11 20:40 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-11-11 20:40 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-11-11 20:40 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-11-11 20:40 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-11-11 20:40 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-11-11 20:40 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-11-11 20:40 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-11-11 20:40 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-11-11 20:40 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-11-11 20:40 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-11-11 20:40 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-11-11 20:40 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-11-11 20:40 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-11-11 20:40 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-11-09 19:54 - 2014-11-09 19:54 - 00001845 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-11-09 19:54 - 2014-11-09 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-11-09 19:54 - 2014-11-09 19:54 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-11-09 19:51 - 2014-11-09 19:51 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-09 19:51 - 2014-11-09 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-09 19:51 - 2014-11-09 19:51 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-09 19:51 - 2014-11-09 19:51 - 00000000 ____D () C:\Program Files\iTunes
2014-11-09 19:51 - 2014-11-09 19:51 - 00000000 ____D () C:\Program Files\iPod
2014-11-09 19:51 - 2014-11-09 19:51 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-11-03 19:00 - 2014-11-14 16:04 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-25 19:34 - 2014-05-02 18:34 - 00018826 _____ () C:\Users\Sybilla\Downloads\FRST.txt
2014-11-25 19:34 - 2014-05-02 18:34 - 00000000 ____D () C:\FRST
2014-11-25 19:33 - 2011-04-04 21:28 - 01212250 _____ () C:\windows\WindowsUpdate.log
2014-11-25 19:24 - 2011-04-04 20:53 - 00700134 _____ () C:\windows\system32\perfh007.dat
2014-11-25 19:24 - 2011-04-04 20:53 - 00149984 _____ () C:\windows\system32\perfc007.dat
2014-11-25 19:24 - 2009-07-14 06:13 - 01622300 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-25 19:21 - 2013-03-15 00:25 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-24 20:23 - 2009-07-14 05:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-24 20:23 - 2009-07-14 05:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-24 20:15 - 2013-04-22 21:02 - 00000000 ____D () C:\Users\Sybilla\AppData\Local\CrashDumps
2014-11-24 20:14 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-24 02:53 - 2013-11-12 00:37 - 00027136 ___SH () C:\Users\Sybilla\Thumbs.db
2014-11-23 14:07 - 2014-05-02 18:35 - 00028765 _____ () C:\Users\Sybilla\Downloads\Addition.txt
2014-11-23 13:54 - 2013-07-09 08:39 - 00000000 ____D () C:\Users\Sybilla\AppData\Roaming\SoftGrid Client
2014-11-20 14:45 - 2013-08-24 15:40 - 00000000 ____D () C:\AdwCleaner
2014-11-20 14:30 - 2013-07-13 02:28 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-20 14:30 - 2012-08-26 11:14 - 00000000 ____D () C:\Users\Sybilla\AppData\Roaming\Apple Computer
2014-11-20 13:30 - 2013-08-21 18:01 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-11-20 13:30 - 2013-08-21 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-20 13:30 - 2013-08-21 18:01 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-20 13:30 - 2011-02-11 20:57 - 00000000 ____D () C:\windows\Panther
2014-11-19 18:29 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-19 18:28 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-11-15 15:47 - 2014-08-03 14:40 - 00002026 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-11-15 15:47 - 2014-08-03 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-11-15 15:47 - 2011-04-04 05:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-14 16:04 - 2014-05-02 02:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-14 16:04 - 2013-02-25 06:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-13 01:00 - 2014-05-08 02:00 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-11-13 01:00 - 2009-07-14 05:45 - 00277360 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-12 03:03 - 2013-08-14 02:00 - 00000000 ____D () C:\windows\system32\MRT
2014-11-12 03:01 - 2012-08-26 23:01 - 103374192 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-11-12 01:17 - 2013-03-15 00:25 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 01:17 - 2013-02-27 18:22 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 01:17 - 2013-02-27 18:22 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-10 21:03 - 2013-01-12 20:18 - 00000000 ____D () C:\Users\Sybilla\dwhelper
2014-11-09 19:51 - 2014-09-19 19:56 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-11-04 14:30 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-11-02 01:32 - 2012-11-20 21:33 - 00000000 ____D () C:\Users\Sybilla\AppData\Roaming\Malwarebytes
2014-11-02 01:32 - 2012-11-20 21:33 - 00000000 ____D () C:\ProgramData\Malwarebytes

Some content of TEMP:
====================
C:\Users\Sybilla\AppData\Local\Temp\avgnt.exe
C:\Users\Sybilla\AppData\Local\Temp\Quarantine.exe
C:\Users\Sybilla\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-30 01:58

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2014 01
Ran by Sybilla at 2014-11-25 19:34:27
Running from C:\Users\Sybilla\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)
BatteryLifeExtender (HKLM-x32\...\{FFD0E594-823B-4E2B-B680-720B3C852588}) (Version: 1.0.11 - Samsung)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)
Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
ChargeableUSB (HKLM-x32\...\{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}) (Version: 1.0.0.0 - SAMSUNG)
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3509 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
DVBViewer TERRATEC Edition (HKLM-x32\...\DVBViewer TERRATEC Edition_is1) (Version:  - CM&V)
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{8732818E-CA78-4ACB-B077-22311BF4C0E4}) (Version: 4.4.7 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.1.1 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
EasyFileShare (HKLM-x32\...\{EA76E65F-6679-495A-A8A6-42AD6602ED4C}) (Version: 1.0.11 - Samsung)
Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden
Fast Start (HKLM-x32\...\{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}) (Version: 2.2.0.1 - SAMSUNG)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Iminent (x32 Version: 6.32.41.0 - Iminent) Hidden <==== ATTENTION
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2622 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: 8.8.7.892 - Mobile Connection Manager)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.302.06.06.40 - Huawei Technologies Co.,Ltd)
Movie Color Enhancer (HKLM-x32\...\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Mozilla Firefox 33.1.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 de)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
Multimedia POP (HKLM-x32\...\{331ECF61-69AF-4F57-AC35-AFED610231C3}) (Version: 1.1 - )
NOXON DAB MediaPlayer (HKLM-x32\...\{9117C289-7C22-441B-BF9A-5C4C66AC6C0C}) (Version: 1.0.10 - NOXON Media)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
PC Suite (HKLM-x32\...\PC Suite) (Version: 12.09.109.U8120D02SP02 - Huawei Technologies Co.,Ltd)
Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
PhoneShare (HKLM-x32\...\{3F50512F-53DF-46B1-8CCB-6C7E638CADD6}) (Version: 9.1.4 - Samsung)
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.36.1224.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6246 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 2.0.67.1 - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version:  - Samsung Electronics Co., Ltd.)
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.0.9 - Samsung)
Samsung Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.38 - Samsung)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.02.05.00:27 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.5.0 - Samsung Electronics Co., Ltd.)
Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Sony PC Companion 2.10.235 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.235 - Sony)
SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.0301 - SRS Labs, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.22.0 - Synaptics Incorporated)
TERRATEC T-Stick PLUS V86.001.1129.2011 (HKLM-x32\...\TERRATEC T-Stick PLUS) (Version: 86.001.1129.2011 - )
Tuning Tool (HKLM-x32\...\{E95D2E2E-992A-4B3B-895A-C651EBCAC458}) (Version: 1.1.0 - Telefónica o2 Germany GmbH & Co. OHG)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.0.82.0 - Intel)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7000 - Broadcom Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)
WildTangent ORB Game Console (x32 Version:  - WildTangent) Hidden
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WordCaptureX Pro (HKLM-x32\...\{139C1D95-9037-3AB3-F5F4-4A79BF6831EC}) (Version: 4.0.0 - Deskperience)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

19-11-2014 17:23:24 Windows Update
20-11-2014 12:34:11 Windows Update
20-11-2014 20:48:59 Windows Update
25-11-2014 18:32:26 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {124CA5D0-B907-4BD0-AD32-0881AEE75605} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2010-08-27] (Samsung Electronics)
Task: {133D85FF-8DC6-4B6F-81E5-109EAE019C57} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2010-11-17] (SEC)
Task: {23C739C8-C981-4BC8-95F9-F31EB906C709} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.)
Task: {3B2F730A-84E2-4A5F-80ED-6145AAA2F691} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-18] (Samsung Electronics. Co. Ltd.)
Task: {3ED517D8-75F0-4177-9BAF-1069C3C1A4EA} - System32\Tasks\{9C990F5D-88EE-43DC-BA02-819E4287B92D} => Firefox.exe hxxp://ui.skype.com/ui/0/6.2.73.106.456/de/abandoninstall?page=tsProgressBar
Task: {45BDED53-AFDD-46F0-86BB-C20C56DB4815} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {56D73D2F-B71B-42FC-BAF2-CABB7A0E9867} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)
Task: {5F27B28D-484E-4527-BA7F-9D0209EA3875} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6F6BB17D-05D0-41FB-8F06-FB7EA8D2EBA3} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-09-04] (SAMSUNG Electronics)
Task: {75D56FEC-6ABF-40D9-8C43-D5C22E0801BD} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-11-29] (Samsung Electronics Co., Ltd.)
Task: {7B73C2FD-BB98-473C-97D0-711C99E3E7D2} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2846612950-2864176646-3413132641-1001
Task: {A66AA4E2-0775-4E73-A9DB-97EA15CC4052} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink)
Task: {BB144633-A224-4AA6-A0D5-4D19C6FCA112} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe [2010-12-23] (Samsung Electronics Co., Ltd.)
Task: {C7064E37-0A1D-427E-B526-A6AB6F6E01B0} - System32\Tasks\SRS Premium Sound => C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exe [2010-11-15] (SRS Labs, Inc.)
Task: {C91D938D-3288-4836-8026-101ED00DE2D0} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {D25FC41A-0692-4126-8266-04990C8EA824} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-12-23] (Samsung Electronics Co., Ltd.)
Task: {DC672D82-28F9-45C8-B1CD-B5002CF0B795} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-12-23] (Samsung Electronics)
Task: {DC8C200F-2978-4CFC-8998-BDE8E1A62239} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-09-20 00:51 - 2014-09-14 00:48 - 00013120 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-09-20 00:52 - 2014-09-13 22:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-04-04 20:36 - 2008-06-05 00:53 - 00027648 _____ () C:\windows\System32\spd__l.dll
2011-04-04 05:52 - 2009-12-01 08:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2011-04-04 20:33 - 2010-12-17 01:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-03 14:40 - 2014-06-23 08:07 - 00113376 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2014-10-23 20:19 - 2014-10-23 20:19 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2011-04-04 20:36 - 2010-10-21 19:22 - 00709632 _____ () C:\windows\system32\SnMinDrv.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-20 00:51 - 2014-09-14 00:48 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2011-04-04 06:00 - 2010-07-05 11:42 - 00203776 _____ () C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll
2014-08-03 14:40 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-08-03 14:40 - 2013-09-13 10:02 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2014-11-20 14:37 - 2014-11-14 03:42 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-04-04 05:41 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
2011-04-04 06:04 - 2010-05-07 15:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2009-11-02 06:20 - 2009-11-02 06:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 06:23 - 2009-11-02 06:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: BBSvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

========================= Accounts: ==========================

Administrator (S-1-5-21-2846612950-2864176646-3413132641-500 - Administrator - Disabled)
Gast (S-1-5-21-2846612950-2864176646-3413132641-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2846612950-2864176646-3413132641-1003 - Limited - Enabled)
Sybilla (S-1-5-21-2846612950-2864176646-3413132641-1001 - Administrator - Enabled) => C:\Users\Sybilla

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/25/2014 07:21:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 67313652

Error: (11/25/2014 07:21:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 67313652

Error: (11/25/2014 07:21:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/25/2014 07:21:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 67312622

Error: (11/25/2014 07:21:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 67312622

Error: (11/25/2014 07:21:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/25/2014 07:21:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 67311608

Error: (11/25/2014 07:21:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 67311608

Error: (11/25/2014 07:21:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/25/2014 07:21:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 67310532


System errors:
=============
Error: (11/24/2014 08:15:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (11/24/2014 08:15:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/24/2014 08:15:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/24/2014 08:14:40 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎24.‎11.‎2014 um 20:14:09 unerwartet heruntergefahren.

Error: (11/20/2014 09:49:10 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}


Microsoft Office Sessions:
=========================
Error: (11/25/2014 07:21:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 67313652

Error: (11/25/2014 07:21:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 67313652

Error: (11/25/2014 07:21:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/25/2014 07:21:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 67312622

Error: (11/25/2014 07:21:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 67312622

Error: (11/25/2014 07:21:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/25/2014 07:21:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 67311608

Error: (11/25/2014 07:21:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 67311608

Error: (11/25/2014 07:21:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/25/2014 07:21:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 67310532


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 48%
Total physical RAM: 4009.55 MB
Available physical RAM: 2058.36 MB
Total Pagefile: 8017.27 MB
Available Pagefile: 4584.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:96.58 GB) (Free:21.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: DF91A2B6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=96.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=22.6 GB) - (Type=27)

==================== End Of Log ============================

Und wie schaut es aus?

Vielen Dank

Sybilla

18.11.2014, 08:54	#4
schrauber /// the machine /// TB-Ausbilder	Fehlermeldung von Avira und diverse Funde von Adaware Cleaner Addition.txt fehlt immer noch von FRST __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

20.11.2014, 19:23	#10
schrauber /// the machine /// TB-Ausbilder	Fehlermeldung von Avira und diverse Funde von Adaware Cleaner Lass bitte die 3 Tools von oben laufen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

24.11.2014, 20:17	#14
schrauber /// the machine /// TB-Ausbilder	Fehlermeldung von Avira und diverse Funde von Adaware Cleaner Das sind nur Tempfiles. Mach bitte den Rest von oben __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Fehlermeldung von Avira und diverse Funde von Adaware Cleaner

Log-Analyse und Auswertung: Fehlermeldung von Avira und diverse Funde von Adaware Cleaner