Liebe Community,
ich habe ein paar Probleme mit meinem Windows 7 64-Bit Rechner. Doch von vorne..
Es fing damit an dass nach dem ganz normalen herunterfahren der Rechner etwa geschätzte 10 Sekunden nach dem Anmelden das Desktop lädt. Dies wird begleitet mit einem schwarzen Bildschirm, was vorher nicht so war. Einige Minuten später bemerkte ich dass nächste Problem, in Google Chrome wird keine Verbindung aufgebaut mit folgendem Fehlercode:
DNS_PROBE_FINISHED_NO_INTERNET
Verbindung besteht allerdings (Ping zum Router 100% erfolgreich) und mir wird auch kein Fehler bei den Netzwerkverbindungen angezeigt.
Außerdem habe ich extreme Leistungseinbrüche, beim Neustart und auch noch beim normalen Arbeiten. Sei es beim Öffnen des Browser oder beim Hochfahren, es ist viel langsamer als davor.. Dies wird wiederum von einer Maus, welche ab und zu ein paar cm springt begleitet. Ebenfalls wird der Dialog angezeigt, als würde man einen Rechtsklick tätigen..

Ich habe bereits nach dieser: hxxp://www.hs-owl.de/fb7/edvwiki/index.php/TCP-IP_Winsock_zur%C3%BCcksetzen Anleitung den Winsock zurückgesetzt. Anfangs ging das Internet wieder, jetzt habe ich trotzdem manchmal wieder keine Verbindung..

Außerdem habe ich AVG free Antivirus und den ADW Cleaner mal durchlaufen lassen. Den ESET Online Scanner wollte ich eigentlich auch machen, nur fängt er ab etwa 30% an, extrem langsam zu arbeiten, fast null.. Log vom ADW Cleaner ist im Anhang. Von YTDownloader und ShopperPro habe ich noch nie etwas gehört...

Falls ich Win7 neu aufsetze würde ich die Programme (Beispielsweise Word) gerne von der Partition C auf die Partition D verschieben (Symmover). Die Partition D bleibt dann außen vor und wird nicht gelöscht. Könnte man die Programme im Nachhinein noch nutzen? Oder würde dies wegen der eventuell fehlenden Registry Einträgen nicht klappen? Andere Prgramme welche von der Partition D laufen funktionieren auch nach dem früheren Reset noch.
Ich weiß nicht ob euch folgendes noch hilft: Nach dem Start öffnen sich etwa 3-4 Fenster in denen der gleiche Inhalt zu sehen ist: RunDLL Problem beim Starten von C:\Programs~und dann irgendwelche Temporären Dateien... Das angegebene Modul konnte nicht gefunden werden..

Ich wäre euch sehr dankbar wenn ihr mir bei dem Problem weiterhelfen könntet!

Hallo Joomls



Mein Name ist Timo und ich werde Dir bei deinem Problem behilflich sein.

• Bitte arbeite alle Schritte der Reihe nach ab.
• Hier findest du die Anleitung für Hilfesuchende
• Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
• Nur Scans durchführen zu denen Du von einem Helfer aufgefordert wirst.
• Bitte kein Crossposting ( posten in mehreren Foren).
• Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
• Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
• Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist immer der sicherste Weg.

Wir "arbeiten" hier alle freiwillig und in unserer Freizeit *hust*. Daher kann es bei Antworten zu Verzögerungen kommen.
Solltest du innerhalb 48 Std keine Antwort von mir erhalten, dann schreib mit eine PM
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis ich oder jemand vom Team sagt, dass Du clean bist.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

• Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
• Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
• Setze den Cursor zwischen die CODE-Tags und drücke STRG+V.
• Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Bitte alle Logs in CODE-# posten.

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

• Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
• Drücke eine beliebige Taste, um das Tool zu starten.
• Je nach System kann der Scan eine Weile dauern.
• Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
• Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Downloade Dir bitte Malwarebytes Anti-Malware

• Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
• Starte Malwarebytes' Anti-Malware (MBAM).
• Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
• Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
• Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
• Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
• Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
• Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Und bitte neue FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken

So, ich habe mich jetzt mal damit beschäftigt. Das Junkware Removal Tool lässt sich zwar öffnen (als Admin geöffnet, AVG deaktiviert), danach drücke ich eine Taste, es öffnet sich ein zweites Fenster welches ein paar Sekunden später verschwindet. Danach passiert garnichts mehr. Egal ob die Datei von Chip oder filepony. Es passiert nach diesem Fenster garnichts mehr, in der schwarzen Box steht nur ganz kurz "Checking Startup". Bei mir öffnete sich danach einmal wieder das Fenster mit RunDLL folgende Datei wurde nicht gefunden und kann nicht geöffnet werden
Log von Malwarebytes:

Code: Alles auswählenAufklappen

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 04.12.2014
Suchlauf-Zeit: 20:46:33
Logdatei: 
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2014.12.04.09
Rootkit Datenbank: v2014.12.03.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Tim

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 390821
Verstrichene Zeit: 6 Min, 45 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 2
PUP.Optional.SpeedCheck.A, C:\Windows\Tasks\SpeedCheck Update.job, In Quarantäne, [f6e3da84106ca98d5a26aca5d92a4cb4], 
PUP.Optional.Speedcheck.A, C:\Windows\System32\Tasks\SpeedCheck Update, In Quarantäne, [4099104ea2da6bcbcab7024fc24136ca], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         

FRST:

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2014
Ran by Tim (administrator) on SPIELE-PC-DIETZ on 04-12-2014 21:00:23
Running from C:\Users\Tim\Downloads
Loaded Profile: Tim (Available profiles: Tim & Chiara)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgnsa.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgemca.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Malwarebytes Corporation) D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVG_UI] => D:\Programme\AVG Anti-Virus\AVG 2014\avgui.exe [5188112 2014-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-12-01] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Run: [Spotify] => C:\Users\Tim\AppData\Roaming\Spotify\spotify.exe [6553144 2014-10-24] (Spotify Ltd)
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Run: [Spotify Web Helper] => C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-24] (Spotify Ltd)
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\MountPoints2: {3ad8cc06-2842-11e4-b6df-5404a667c7bf} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\start.exe
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\MountPoints2: {7aeabb5e-d847-11e3-8a0a-5404a667c7bf} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\MountPoints2: {8022c7e1-0128-11e4-a871-5404a667c7bf} - F:\Startme.exe
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\MountPoints2: {c447e447-7c6d-11e3-b9be-5404a667c7bf} - G:\SETUP.EXE
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL File Not Found
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xEA318F53FECBCE01
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-3274256860-3384179074-2863741347-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> D:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-28]
FF HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Firefox\Extensions: [{38193564-FF03-06D0-0062-53FFFF2F9C05}] - C:\Program Files (x86)\ver1SpeedCheck\178.xpi

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=1417363290&from=amt&uid=WDCXWD20EARX-22PASB0_WD-WCAZA953752537525
CHR StartupUrls: Default -> "https://www.google.de/"
CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-02]
CHR Extension: (WOT) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-12-02]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2014-10-24]
CHR Extension: (Adblock Plus) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-18]
CHR Extension: (Google Wallet) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 AVGIDSAgent; D:\Programme\AVG Anti-Virus\AVG 2014\avgidsagent.exe [3247120 2014-11-07] (AVG Technologies CZ, s.r.o.)
R2 avgwd; D:\Programme\AVG Anti-Virus\AVG 2014\avgwdsvc.exe [289328 2014-11-07] (AVG Technologies CZ, s.r.o.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-25] (HP) [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-11-14] (LogMeIn, Inc.)
R2 MBAMScheduler; D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S2 SkypeUpdate; D:\Programme\Skype\Updater\Updater.exe [171680 2013-09-05] (Skype Technologies)
R2 VC10SecS; C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe [147464 2013-01-08] (H+H Software GmbH)
S2 vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [X]
S3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-08-09] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-09] (SafeNet Inc.)
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [36448 2011-01-30] (Asmedia Technology)
R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2008-01-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-09] (AVG Technologies)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-09] (SafeNet Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-06-23] (Research in Motion Limited)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R1 vdrv1000; C:\Windows\System32\Drivers\VDRV1000.SYS [226080 2012-12-06] (H+H Software GmbH)
S3 HH10Help.sys; \??\C:\Windows\system32\drivers\HH10Help.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-04 21:00 - 2014-12-04 21:00 - 00019766 _____ () C:\Users\Tim\Downloads\FRST.txt
2014-12-04 20:59 - 2014-12-04 20:59 - 01707646 _____ (Thisisu) C:\Users\Tim\Downloads\JRT(1).exe
2014-12-04 20:58 - 2014-12-04 20:58 - 00231408 _____ () C:\Users\Tim\Downloads\JRT.exe
2014-12-04 20:55 - 2014-12-04 20:55 - 00001406 _____ () C:\Users\Tim\Desktop\mbam.txt
2014-12-04 20:33 - 2014-12-04 20:33 - 01707646 _____ (Thisisu) C:\Users\Tim\Downloads\JRT64.exe
2014-12-04 20:33 - 2014-12-04 20:33 - 01707646 _____ (Thisisu) C:\Users\Tim\Desktop\JRT64.exe
2014-12-04 16:31 - 2014-12-04 16:31 - 00045568 _____ () C:\Users\Tim\Desktop\FRST.txt
2014-12-04 16:30 - 2014-12-04 16:30 - 00036404 _____ () C:\Users\Tim\Desktop\Addition.txt
2014-12-04 16:26 - 2014-12-04 21:00 - 00000000 ____D () C:\FRST
2014-12-04 16:25 - 2014-12-04 16:25 - 02117632 _____ (Farbar) C:\Users\Tim\Downloads\FRST64.exe
2014-12-04 16:22 - 2014-12-04 16:22 - 01110016 _____ (Farbar) C:\Users\Tim\Downloads\FRST.exe
2014-12-04 15:41 - 2014-12-04 15:41 - 00001415 _____ () C:\Users\Tim\Desktop\AdwCleaner[R3].txt
2014-12-03 15:13 - 2014-12-03 15:13 - 00000000 _____ () C:\Users\Tim\AppData\Local\{7449D0F4-AD5C-4D8A-BA98-687BB5203CD2}
2014-12-02 17:53 - 2014-12-02 17:53 - 00001068 _____ () C:\Users\Tim\Desktop\BMW.lnk
2014-12-02 17:32 - 2014-12-02 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-02 17:32 - 2014-12-02 17:32 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-02 17:21 - 2014-12-04 15:51 - 00001240 _____ () C:\Windows\setupact.log
2014-12-02 17:21 - 2014-12-04 15:08 - 00004186 _____ () C:\Windows\PFRO.log
2014-12-02 17:21 - 2014-12-02 17:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-02 17:12 - 2014-12-02 17:12 - 00000085 _____ () C:\Windows\wininit.ini
2014-12-02 17:08 - 2014-12-02 17:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-02 17:08 - 2014-12-02 17:12 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-02 17:08 - 2014-12-02 17:08 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-12-02 17:04 - 2014-12-02 17:05 - 00376202 _____ () C:\Users\Tim\Desktop\cc_20141202_170449.reg
2014-12-02 16:45 - 2014-12-02 16:45 - 00000000 __HDC () C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}
2014-12-02 16:45 - 2014-12-02 16:45 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Stardock
2014-12-02 16:45 - 2014-12-02 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2014-12-02 16:36 - 2014-12-02 16:36 - 00880784 _____ (Google Inc.) C:\Users\Tim\Downloads\ChromeSetup.exe
2014-12-02 16:19 - 2014-12-02 16:19 - 13485202 _____ () C:\Users\Tim\Downloads\hitmanpro379.zip
2014-12-02 16:17 - 2014-12-02 16:17 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Tim\Downloads\spybot-2.4.exe
2014-12-02 16:07 - 2014-12-02 16:07 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-12-02 13:51 - 2014-12-02 13:51 - 00000000 ___DL () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-02 13:46 - 2014-12-02 15:02 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\SymMover
2014-12-02 13:46 - 2014-12-02 13:46 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SymMover
2014-12-02 13:44 - 2014-12-02 13:45 - 00000000 ____D () C:\Users\Tim\Symmover
2014-12-01 19:03 - 2014-12-01 19:03 - 00003132 _____ () C:\Windows\System32\Tasks\{2CB07BE7-18B5-42B0-9745-695514D19B69}
2014-12-01 14:06 - 2014-12-01 14:06 - 00003172 _____ () C:\Windows\System32\Tasks\UNELEVATE_17776
2014-11-30 17:01 - 2014-11-30 17:01 - 00004656 _____ () C:\Windows\SysWOW64\abengine.ini
2014-11-30 17:01 - 2014-11-30 17:01 - 00003086 _____ () C:\Windows\System32\Tasks\upfs7214
2014-11-30 17:01 - 2014-11-30 17:01 - 00002560 _____ () C:\Windows\SysWOW64\abengineOff.ini
2014-11-30 17:01 - 2014-11-30 17:01 - 00002560 _____ () C:\Windows\system32\abengineOff.ini
2014-11-30 17:01 - 2014-11-23 23:23 - 00370584 _____ (Abengine) C:\Windows\system32\abengine64.dll
2014-11-30 16:59 - 2014-11-30 16:59 - 00003732 _____ () C:\Windows\System32\Tasks\SMupdate1
2014-11-30 16:58 - 2014-11-30 16:59 - 00003592 _____ () C:\Windows\System32\Tasks\YTDownloader
2014-11-30 16:58 - 2014-11-30 16:58 - 00003582 _____ () C:\Windows\System32\Tasks\YTDownloaderUpd
2014-11-30 16:57 - 2014-11-30 20:23 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\itesing
2014-11-30 15:52 - 2014-12-01 19:00 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Anvsoft
2014-11-30 15:52 - 2014-11-30 15:52 - 00000000 ____D () C:\Users\Tim\Documents\Any Video Converter
2014-11-30 14:45 - 2014-11-30 20:23 - 00000000 ____D () C:\Users\Tim\AppData\Local\MAGIX_Software_GmbH
2014-11-29 15:04 - 2014-11-29 15:04 - 00000000 __SHD () C:\Users\Tim\AppData\Local\EmieBrowserModeList
2014-11-29 14:28 - 2014-11-30 15:56 - 00538128 _____ () C:\Users\Tim\Desktop\2014_09 HB-HH-HB.MVP
2014-11-22 22:43 - 2014-11-22 22:43 - 00000000 ____D () C:\Users\Tim\Desktop\Xperia Z
2014-11-22 21:08 - 2014-11-22 22:41 - 00000000 ____D () C:\Users\Tim\Desktop\Handy fotos
2014-11-21 15:32 - 2014-11-22 13:17 - 00000000 ____D () C:\Users\Tim\Desktop\Fotos Videos papa
2014-11-19 16:41 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 16:41 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 16:41 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 16:41 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-16 15:37 - 2014-11-16 15:37 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2014-11-16 15:37 - 2014-11-16 15:37 - 00000000 ____D () C:\Program Files (x86)\Spirent Communications
2014-11-13 17:32 - 2014-11-13 17:32 - 00000000 __SHD () C:\Users\Chiara\AppData\Local\EmieBrowserModeList
2014-11-13 17:07 - 2014-11-13 17:07 - 01942161 _____ () C:\Users\Chiara\Downloads\wave-interference_en.jar
2014-11-13 17:07 - 2014-11-13 17:07 - 00000000 ____D () C:\Users\Chiara\.phet
2014-11-12 15:44 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 15:44 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 15:44 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 15:44 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 15:44 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 15:44 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 15:44 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 15:44 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 15:44 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 15:44 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 15:44 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 15:44 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 15:44 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 15:44 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 15:44 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 15:44 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 15:44 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 15:44 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 15:44 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 15:44 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 15:44 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 15:44 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 15:44 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 15:44 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 15:44 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 15:44 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 15:44 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 15:44 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 15:44 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 15:44 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 15:44 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 15:44 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 15:44 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 15:44 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 15:44 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 15:44 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 15:44 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 15:44 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 15:44 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 15:44 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 15:44 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 15:44 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 15:44 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 15:44 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 15:44 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 15:44 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 15:44 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 15:44 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 15:44 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 15:44 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 15:44 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 15:44 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 15:44 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 15:44 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 15:44 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 15:44 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 15:44 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 15:44 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 15:44 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 15:44 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 15:44 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 15:44 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 15:44 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 15:44 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 15:44 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 15:44 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 15:44 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 15:44 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 15:43 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 15:43 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 15:43 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 15:43 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 15:43 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 15:43 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 15:43 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 15:43 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 15:43 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 15:43 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 15:43 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 15:43 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 15:43 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 15:43 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 15:43 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 15:43 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 15:43 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 15:43 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 15:43 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 15:43 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 15:43 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-07 20:05 - 2014-11-07 20:05 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2014-11-05 09:47 - 2014-11-05 09:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-05 09:46 - 2014-11-05 09:47 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-05 09:46 - 2014-11-05 09:47 - 00000000 ____D () C:\Program Files\iTunes
2014-11-05 09:46 - 2014-11-05 09:47 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-11-05 09:46 - 2014-11-05 09:46 - 00000000 ____D () C:\Program Files\iPod

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-04 20:36 - 2014-09-15 15:54 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-04 20:36 - 2014-09-15 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-04 20:26 - 2014-05-10 16:15 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-04 20:26 - 2013-10-18 12:54 - 01468297 _____ () C:\Windows\WindowsUpdate.log
2014-12-04 18:05 - 2014-10-24 13:38 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Spotify
2014-12-04 17:46 - 2013-10-20 12:27 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-04 15:59 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-04 15:59 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-04 15:54 - 2014-10-18 17:03 - 00000000 ____D () C:\Users\Tim\AppData\Local\LogMeIn Hamachi
2014-12-04 15:51 - 2014-05-10 16:15 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-04 15:51 - 2013-11-17 13:10 - 00000000 ____D () C:\Users\Tim\AppData\Local\HTC MediaHub
2014-12-04 15:51 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-04 15:40 - 2014-09-14 18:41 - 00000000 ____D () C:\AdwCleaner
2014-12-04 15:10 - 2014-10-24 13:38 - 00000000 ____D () C:\Users\Tim\AppData\Local\Spotify
2014-12-02 19:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-02 17:05 - 2013-10-18 13:57 - 00000000 ____D () C:\Windows\pss
2014-12-02 13:44 - 2013-10-18 12:55 - 00000000 ____D () C:\Users\Tim
2014-12-01 20:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-01 19:53 - 2010-11-21 08:16 - 00000000 ____D () C:\Windows\ShellNew
2014-12-01 18:56 - 2014-05-10 16:16 - 00000000 ____D () C:\Users\Chiara\AppData\Local\LogMeIn Hamachi
2014-12-01 18:56 - 2013-11-17 12:35 - 00000000 ____D () C:\Users\Chiara\AppData\Local\HTC MediaHub
2014-11-30 20:23 - 2014-10-19 12:07 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WorldofTanks
2014-11-30 20:23 - 2014-07-02 19:46 - 00000000 ____D () C:\Users\Tim\Desktop\Neuer Ordner
2014-11-30 20:23 - 2014-05-10 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-30 20:23 - 2014-03-15 10:29 - 00000000 ____D () C:\Users\Tim\Desktop\Papa musik
2014-11-30 20:23 - 2013-11-02 09:53 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\vlc
2014-11-30 20:23 - 2013-10-30 16:44 - 00000000 ____D () C:\Users\Chiara
2014-11-30 20:23 - 2013-10-27 16:26 - 00000000 ____D () C:\Users\Tim\Documents\BMW
2014-11-30 20:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-30 17:06 - 2014-01-13 16:35 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\TeamViewer
2014-11-30 17:02 - 2014-10-18 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-30 17:02 - 2014-10-08 12:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bus-Simulator 2012
2014-11-30 17:02 - 2014-08-26 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-11-30 17:02 - 2014-08-25 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-11-30 17:02 - 2014-07-14 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
2014-11-30 17:02 - 2014-06-25 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-30 17:02 - 2014-06-22 07:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-11-30 17:02 - 2014-04-03 11:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gabelstapler Simulator 2009
2014-11-30 17:02 - 2014-02-27 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-11-30 17:02 - 2014-01-28 19:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-11-30 17:02 - 2014-01-14 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
2014-11-30 17:02 - 2013-12-06 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-11-30 17:02 - 2013-10-20 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-30 17:02 - 2013-10-20 13:06 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-11-30 17:02 - 2013-10-20 12:53 - 00000000 ____D () C:\ProgramData\AVG2014
2014-11-30 17:02 - 2013-10-18 12:55 - 00000000 ___RD () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-30 17:02 - 2011-05-06 23:34 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-11-30 17:02 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-30 17:02 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-30 17:02 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-30 17:01 - 2013-10-21 15:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-11-30 14:44 - 2014-02-23 12:08 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\MAGIX
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-23 11:37 - 2011-03-15 22:23 - 00714496 _____ () C:\Windows\system32\perfh007.dat
2014-11-23 11:37 - 2011-03-15 22:23 - 00154218 _____ () C:\Windows\system32\perfc007.dat
2014-11-23 11:37 - 2009-07-14 06:13 - 01660444 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-22 17:21 - 2013-10-27 16:26 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-11-21 15:32 - 2013-10-18 13:38 - 00170632 _____ () C:\Users\Tim\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-21 06:14 - 2014-09-15 15:54 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-21 06:14 - 2014-09-15 15:54 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2014-09-15 15:54 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-17 15:08 - 2014-05-10 16:15 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-17 15:08 - 2014-05-10 16:15 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-16 16:29 - 2014-06-07 20:19 - 00000000 ____D () C:\Users\Chiara\Desktop\Server
2014-11-16 15:42 - 2013-11-17 12:23 - 00170632 _____ () C:\Users\Chiara\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-16 15:41 - 2009-07-14 05:45 - 00563992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-16 15:38 - 2013-11-17 12:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2014-11-16 15:38 - 2013-11-17 12:32 - 00000000 ____D () C:\Program Files (x86)\HTC
2014-11-16 15:37 - 2013-11-17 12:33 - 00000000 ____D () C:\Users\Tim\AppData\Local\Downloaded Installations
2014-11-16 15:36 - 2013-11-17 12:32 - 00000000 ____D () C:\Temp
2014-11-13 04:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 03:26 - 2014-05-06 15:08 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 03:11 - 2014-01-13 17:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-13 03:08 - 2013-10-25 15:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 03:02 - 2013-10-25 15:27 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-10 13:54 - 2014-09-10 15:55 - 00000000 ____D () C:\Users\Chiara\AppData\Local\AVG Web TuneUp
2014-11-09 13:28 - 2014-10-19 12:08 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Opera Software
2014-11-09 13:28 - 2014-10-19 12:08 - 00000000 ____D () C:\Users\Tim\AppData\Local\Opera Software
2014-11-09 13:28 - 2014-10-19 12:08 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-11-09 12:49 - 2014-09-09 20:15 - 00000000 ____D () C:\Users\Tim\AppData\Local\AVG Web TuneUp
2014-11-08 13:49 - 2014-11-01 20:39 - 00000000 ____D () C:\Users\Tim\Documents\Flight Simulator X-Dateien
2014-11-07 21:24 - 2013-12-27 21:02 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\.minecraft
2014-11-07 20:05 - 2014-09-09 20:15 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-11-05 09:46 - 2014-06-22 07:48 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-11-05 09:46 - 2014-03-15 11:55 - 00000000 ____D () C:\Program Files\Common Files\Apple

Some content of TEMP:
====================
C:\Users\Tim\AppData\Local\Temp\Quarantine.exe
C:\Users\Tim\AppData\Local\Temp\SpOrder.dll
C:\Users\Tim\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-29 18:24

==================== End Of Log ============================
         

--- --- ---

--- --- ---


Addition:

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-12-2014
Ran by Tim at 2014-12-04 21:00:54
Running from C:\Users\Tim\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 1.2.0 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.01.22 - ASUSTeK Computer Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.1.9.000 - Asmedia Technology)
ASUS Backup Wizard (HKLM-x32\...\{124C9BD0-8C52-40AB-8238-0605703B1C28}) (Version: 1.00.10 - ASUSTeK Computer Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4794 - AVG Technologies)
AVG 2014 (Version: 14.0.4235 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4794 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.0.0.19 - AVG Technologies)
Battlefield Play4Free (HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
BMW M3 Challenge (HKLM-x32\...\{C4CD208D-E3A2-488B-A4F4-FD8DE3DADD25}_is1) (Version: BMW M3 Challenge v1.0.0.0 - 10TACLE STUDIOS AG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bus-Simulator 2012 (HKLM-x32\...\Bus-Simulator 2012_is1) (Version:  - astragon)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
City Bus Simulator 2010 - Gold Edition (HKLM-x32\...\{9FB088BB-47DC-452C-BE8E-036E2243B4C8}) (Version: 1.00 - TML-Studios)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fences (HKLM-x32\...\Fences) (Version:  - Stardock Corporation)
Fences (Version: 1.0 - Stardock Corporation) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Flight Simulator X (HKLM-x32\...\RTMshadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Free MP4 Video Converter version 5.0.46.820 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.46.820 - DVDVideoSoft Ltd.)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP LaserJet Professional CM1410 Series (HKLM-x32\...\{0EF0EA0D-F945-4958-85CC-60FF1E86D216}) (Version:  - Hewlett-Packard)
HP LJ CM1410 MFP Series HP Scan (HKLM-x32\...\{21749F4E-02A1-4828-9A1E-BBDF5929C5D0}) (Version: 1.0.302.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPLaserJetHelp_LearnCenter (HKLM-x32\...\{22FE3793-5961-4ADE-AE66-69D9291C22B1}) (Version: 1.03.0000 - Hewlett-Packard)
HPLJUT (x32 Version: 1.00.0012 - HP) Hidden
hppCM1410LaserJetService (x32 Version: 001.008.00477 - Hewlett-Packard) Hidden
hppFaxDrvCM1410 (x32 Version: 003.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityCM1410 (x32 Version: 000.002.00001 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 002.015.00599 - Hewlett-Packard) Hidden
hppSendFaxCM1410 (x32 Version: 003.000.00001 - Hewlett-Packard) Hidden
hppTLBXFXCM1410 (x32 Version: 001.012.00948 - Hewlett-Packard) Hidden
hpzTLBXFX (x32 Version: 006.015.01163 - Hewlett-Packard) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.14.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.33.0 - HTC)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.279 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.279 - LogMeIn, Inc.) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{F6E484FB-BC48-4A63-8186-E25DF4607B3B}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Designelemente) (HKLM-x32\...\MX.{53BBE66D-C843-4E0A-A317-2F0B8FA29485}) (Version: 1.0.1.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Designelemente) (Version: 1.0.1.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Filmvorlagen) (HKLM-x32\...\MX.{BD329C68-4F9A-4ACD-A2D0-D6D59380E6E7}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Filmvorlagen) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (HKLM-x32\...\MX.{FBCA50BE-C022-45DA-9261-10230EC1012E}) (Version: 13.0.2.8 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Version: 13.0.2.8 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium Update (Version: 13.0.5.4 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Marketsplash Shortcuts (HKLM-x32\...\{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}) (Version: 1.0.0.9 - Hewlett-Packard)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Flight Simulator X Demo (HKLM-x32\...\InstallShield_{B98A34C0-A6A2-4087-B272-557C1C6D0A07}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Thunderbird 31.1.2 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.1.2 (x86 de)) (Version: 31.1.2 - Mozilla)
Mozilla Thunderbird 31.2.0 (x86 de) (HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Mozilla Thunderbird 31.2.0 (x86 de)) (Version: 31.2.0 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA Grafiktreiber 268.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.29 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.9.1 - pdfforge)
PhotoDose 5.1 (HKLM-x32\...\Photo Dose_is1) (Version:  - )
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{7236672F-6430-439E-9B27-27EDEAF1D676}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SL-6640-SBK BLACK WIDOW Flightstick (HKLM-x32\...\SL-6640-SBK BLACK WIDOW Flightstick) (Version:  - )
Spotify (HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SymMover (HKLM-x32\...\SymMover) (Version:  - )
TI Connect™ (HKLM-x32\...\{D06BA64C-4447-49B4-B99D-E85BEA9E1035}) (Version: 4.0.0.218 - Texas Instruments Inc.)
Virtual CD v10 (HKLM-x32\...\{10C51313-A308-4B40-90E3-B368D5882660}) (Version: 10.00.0 - H+H Software GmbH)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WorldofTanks (HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\WorldofTanks) (Version:  - WorldofTanks)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3274256860-3384179074-2863741347-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> D:\Programme\Blender\BlendThumb64.dll ()

==================== Restore Points  =========================

29-11-2014 17:30:59 Geplanter Prüfpunkt
30-11-2014 16:04:23 Removed HTC Driver Installer.
30-11-2014 19:18:51 Wiederherstellungsvorgang
01-12-2014 18:50:51 Revo Uninstaller's restore point - WorldofTanks
02-12-2014 16:15:06 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03324725-91F2-4B5C-A034-E26110AD72B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-10] (Google Inc.)
Task: {1730127B-3E29-42CB-AD15-B14A2EB8B95B} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {1813E5B8-9D56-4793-A2F0-D94FF86D82D7} - \ShopperPro No Task File <==== ATTENTION
Task: {228DB8E0-BDB0-416C-8661-F1C426CE6A1D} - System32\Tasks\upfs7214 => C:\PROGRA~2\Flowsurf\upfs7214.exe
Task: {2290C1E2-D480-4D07-ACBA-D30E54D25E71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-10] (Google Inc.)
Task: {234F10B2-4C6D-42A8-8224-691C0DA8639F} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {2549736E-8036-4ED3-852B-2D0C1B40CA23} - \PC Performer Scheduled Scan No Task File <==== ATTENTION
Task: {40354615-86AD-4467-8BA7-A2A1B8AA331D} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION
Task: {46E19EE6-1150-4B65-B080-3F036BB2871A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {5AEABF0D-0BC8-41B4-A4C2-81569FE277F6} - \SPDriver No Task File <==== ATTENTION
Task: {63BA8BCF-269F-4DCE-8E7D-DFCCF03CEF62} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe <==== ATTENTION
Task: {70025206-866D-480E-9860-AFE98A976CA2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {7CC1D3D8-5232-47EE-95C7-469EB2280DBF} - System32\Tasks\Google Updater and Installer => C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {8A02BA2F-0469-4455-A941-35993C066343} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-27] (ASUSTeK Computer Inc.)
Task: {9997E983-4740-486F-B30F-C421F9BE7C9F} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22] (Hewlett Packard)
Task: {99F9138D-D33C-467C-AE09-9053F3EFB9B2} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
Task: {9CE36BD0-1FC3-43BF-A48C-083D8FDA732C} - \PC Performer Logon Scan No Task File <==== ATTENTION
Task: {A0118C1C-A821-41FB-A511-DD058E857ACB} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {A0495D01-3C2C-4F92-88DD-4BF1E014A182} - System32\Tasks\ASUS\AsBackupWizard_Run => C:\Program Files (x86)\ASUS\\AsBackupWizard\\AsRunBkWizardHelper.exe [2010-04-24] (ASUSTeK Computer Inc.)
Task: {AA38C0B9-AA52-4279-B5E3-47FE3B27E3E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {D510C4F0-0979-42C5-9014-D59588772E17} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3274256860-3384179074-2863741347-1000
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {F02789BF-2AE7-4FFB-9304-D40B8F43DB14} - System32\Tasks\UNELEVATE_17776 => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1419\jsdrv.exe <==== ATTENTION
Task: {FD09A50D-92A7-4054-AEF9-9421DE85B416} - \ShopperProJSUpd No Task File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-05-06 23:25 - 2010-11-03 10:30 - 00918144 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
2011-05-06 23:25 - 2010-12-02 03:15 - 00915584 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
2011-05-06 23:25 - 2010-10-21 10:52 - 00586880 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-11-03 11:05 - 2014-11-03 11:05 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-05-06 23:25 - 2014-12-04 15:51 - 00019456 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\PEbiosinterface32.dll
2011-05-06 23:25 - 2010-06-29 03:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\ATKEX.dll
2014-11-03 11:04 - 2014-11-03 11:04 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-11-03 11:06 - 2014-11-03 11:06 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-11-03 11:07 - 2014-11-03 11:07 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2011-05-06 23:25 - 2011-01-12 19:53 - 00143360 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2011-05-06 23:25 - 2010-06-22 00:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2011-05-06 23:25 - 2009-08-13 05:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2011-05-06 23:25 - 2011-02-17 20:10 - 01035776 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2011-05-06 23:25 - 2011-01-20 21:09 - 00964096 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2011-05-06 23:26 - 2011-03-12 04:53 - 01257472 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2011-05-06 23:26 - 2011-01-06 19:38 - 01027072 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2011-05-06 23:25 - 2011-01-14 01:47 - 00881152 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2011-05-06 23:25 - 2010-09-28 05:51 - 01607168 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2011-05-06 23:25 - 2011-01-08 01:39 - 01246208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2011-05-06 23:25 - 2010-08-07 03:11 - 00850944 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2011-05-06 23:25 - 2010-08-07 03:13 - 00886272 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2011-05-06 23:25 - 2010-08-23 03:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMLib.dll
2011-05-06 23:25 - 2010-06-22 00:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll
2014-10-27 22:05 - 2014-10-27 22:05 - 00117248 _____ () C:\Users\Tim\AppData\Roaming\itesing\marfacat.dll
2014-12-02 16:37 - 2014-11-25 07:39 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-12-02 16:37 - 2014-11-25 07:39 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-12-02 16:37 - 2014-11-25 07:39 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-12-02 16:37 - 2014-11-25 07:39 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:F1A5FE8B

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\Windows\pss\Audible Download Manager.lnk.CommonStartup
MSCONFIG\startupreg: BlackBerryLink.exe => "C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe" /minimize
MSCONFIG\startupreg: FreePDF Assistant => "C:\Program Files (x86)\FreePDF_XP\fpassist.exe"
MSCONFIG\startupreg: HP LaserJet Professional CM1410 Series Fax => C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe "HP LaserJet Professional CM1410 Series Fax"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PDFPrint => D:\Programme\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: ToolboxFX => "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
MSCONFIG\startupreg: VC10Player => C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe
MSCONFIG\startupreg: YTDownloader => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot

========================= Accounts: ==========================

Administrator (S-1-5-21-3274256860-3384179074-2863741347-500 - Administrator - Disabled)
Chiara (S-1-5-21-3274256860-3384179074-2863741347-1003 - Limited - Enabled) => C:\Users\Chiara
Gast (S-1-5-21-3274256860-3384179074-2863741347-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3274256860-3384179074-2863741347-1002 - Limited - Enabled)
Tim (S-1-5-21-3274256860-3384179074-2863741347-1000 - Administrator - Enabled) => C:\Users\Tim

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/04/2014 03:52:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2014 03:09:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8221

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8221

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/02/2014 08:28:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7223

Error: (12/02/2014 08:28:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7223

Error: (12/02/2014 08:28:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/02/2014 08:28:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6224

Error: (12/02/2014 08:28:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6224


System errors:
=============
Error: (12/04/2014 03:51:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater18.1.10" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/04/2014 03:08:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater18.1.10" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/02/2014 05:32:38 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (12/02/2014 05:31:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Client Virtualization Handler" ist vom Dienst "Application Virtualization Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1053

Error: (12/02/2014 05:31:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Application Virtualization Client" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/02/2014 05:31:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Application Virtualization Client erreicht.

Error: (12/02/2014 05:30:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater18.1.10" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/02/2014 05:29:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (12/02/2014 05:29:04 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WMPNetworkSvc" konnte sich nicht als "NT AUTHORITY\NetworkService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (12/02/2014 05:29:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069


Microsoft Office Sessions:
=========================
Error: (12/04/2014 03:52:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2014 03:09:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8221

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8221

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/02/2014 08:28:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7223

Error: (12/02/2014 08:28:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7223

Error: (12/02/2014 08:28:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/02/2014 08:28:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6224

Error: (12/02/2014 08:28:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6224


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 25%
Total physical RAM: 8104.29 MB
Available physical RAM: 6043.33 MB
Total Pagefile: 16206.77 MB
Available Pagefile: 13439.69 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (WIN7) (Fixed) (Total:745.21 GB) (Free:551.47 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:1103.63 GB) (Free:756.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: CB5BD2B2)
Partition 1: (Not Active) - (Size=14.2 GB) - (Type=1B)
Partition 2: (Active) - (Size=745.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1103.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Ok, dann mach erstmal diesen Fix:

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code: Alles auswählenAufklappen

ATTFilter

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL File Not Found
emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

• Starte nun FRST erneut und klicke den Entfernen Button.
• Das Tool erstellt eine Fixlog.txt.
• Poste mir deren Inhalt.

und danach JRT:

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

• Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
• Drücke eine beliebige Taste, um das Tool zu starten.
• Je nach System kann der Scan eine Weile dauern.
• Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
• Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Starte noch einmal FRST.

• Ändere keine der Voreinstellungen und drücke auf Scan.
• Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
• Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Okay. Fixlog.txt:

Code: Alles auswählenAufklappen

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-12-2014
Ran by Tim at 2014-12-05 14:27:42 Run:1
Running from C:\Users\Tim\Downloads
Loaded Profiles: Tim &  (Available profiles: Tim & Chiara)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL File Not Found
emptytemp:
*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL" => Value Data removed successfully.
EmptyTemp: => Removed 1 GB temporary data.


The system needed a reboot. 

==== End of Fixlog ====
         

JRT funktioniert leider immer noch nicht, AVG und Windows Defender (standardmäßig) ausgeschaltet. Genau der gleiche Fehler wie gestern schon, Fenster schließt sich..
FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2014
Ran by Tim (administrator) on SPIELE-PC-DIETZ on 05-12-2014 14:41:10
Running from C:\Users\Tim\Downloads
Loaded Profile: Tim (Available profiles: Tim & Chiara)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(Malwarebytes Corporation) D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Malwarebytes Corporation) D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbam.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgemca.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Spotify Ltd) C:\Users\Tim\AppData\Roaming\Spotify\spotify.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgui.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
() C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVG_UI] => D:\Programme\AVG Anti-Virus\AVG 2014\avgui.exe [5188112 2014-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-12-01] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Run: [Spotify] => C:\Users\Tim\AppData\Roaming\Spotify\spotify.exe [6553144 2014-10-24] (Spotify Ltd)
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Run: [Spotify Web Helper] => C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-24] (Spotify Ltd)
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\MountPoints2: {3ad8cc06-2842-11e4-b6df-5404a667c7bf} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\start.exe
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\MountPoints2: {7aeabb5e-d847-11e3-8a0a-5404a667c7bf} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\MountPoints2: {8022c7e1-0128-11e4-a871-5404a667c7bf} - F:\Startme.exe
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\MountPoints2: {c447e447-7c6d-11e3-b9be-5404a667c7bf} - G:\SETUP.EXE
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xEA318F53FECBCE01
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-3274256860-3384179074-2863741347-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> D:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-28]
FF HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Firefox\Extensions: [{38193564-FF03-06D0-0062-53FFFF2F9C05}] - C:\Program Files (x86)\ver1SpeedCheck\178.xpi

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=1417363290&from=amt&uid=WDCXWD20EARX-22PASB0_WD-WCAZA953752537525
CHR StartupUrls: Default -> "https://www.google.de/"
CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-02]
CHR Extension: (WOT) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-12-02]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2014-10-24]
CHR Extension: (Adblock Plus) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-18]
CHR Extension: (Google Wallet) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 AVGIDSAgent; D:\Programme\AVG Anti-Virus\AVG 2014\avgidsagent.exe [3247120 2014-11-07] (AVG Technologies CZ, s.r.o.)
R2 avgwd; D:\Programme\AVG Anti-Virus\AVG 2014\avgwdsvc.exe [289328 2014-11-07] (AVG Technologies CZ, s.r.o.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-25] (HP) [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-11-14] (LogMeIn, Inc.)
R4 MBAMScheduler; D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S2 SkypeUpdate; D:\Programme\Skype\Updater\Updater.exe [171680 2013-09-05] (Skype Technologies)
R2 VC10SecS; C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe [147464 2013-01-08] (H+H Software GmbH)
S2 vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [X]
R3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-08-09] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-09] (SafeNet Inc.)
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [36448 2011-01-30] (Asmedia Technology)
R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2008-01-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-09] (AVG Technologies)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-09] (SafeNet Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-05] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-06-23] (Research in Motion Limited)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R1 vdrv1000; C:\Windows\System32\Drivers\VDRV1000.SYS [226080 2012-12-06] (H+H Software GmbH)
S3 HH10Help.sys; \??\C:\Windows\system32\drivers\HH10Help.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-04 21:00 - 2014-12-05 14:41 - 00019277 _____ () C:\Users\Tim\Downloads\FRST.txt
2014-12-04 21:00 - 2014-12-04 21:01 - 00036261 _____ () C:\Users\Tim\Downloads\Addition.txt
2014-12-04 20:59 - 2014-12-04 20:59 - 01707646 _____ (Thisisu) C:\Users\Tim\Downloads\JRT(1).exe
2014-12-04 20:58 - 2014-12-04 20:58 - 00231408 _____ () C:\Users\Tim\Downloads\JRT.exe
2014-12-04 20:55 - 2014-12-04 20:55 - 00001406 _____ () C:\Users\Tim\Desktop\mbam.txt
2014-12-04 20:33 - 2014-12-04 20:33 - 01707646 _____ (Thisisu) C:\Users\Tim\Downloads\JRT64.exe
2014-12-04 20:33 - 2014-12-04 20:33 - 01707646 _____ (Thisisu) C:\Users\Tim\Desktop\JRT64.exe
2014-12-04 16:31 - 2014-12-04 16:31 - 00045568 _____ () C:\Users\Tim\Desktop\FRST.txt
2014-12-04 16:30 - 2014-12-04 16:30 - 00036404 _____ () C:\Users\Tim\Desktop\Addition.txt
2014-12-04 16:26 - 2014-12-05 14:41 - 00000000 ____D () C:\FRST
2014-12-04 16:25 - 2014-12-04 16:25 - 02117632 _____ (Farbar) C:\Users\Tim\Downloads\FRST64.exe
2014-12-04 16:22 - 2014-12-04 16:22 - 01110016 _____ (Farbar) C:\Users\Tim\Downloads\FRST.exe
2014-12-04 15:41 - 2014-12-04 15:41 - 00001415 _____ () C:\Users\Tim\Desktop\AdwCleaner[R3].txt
2014-12-03 15:13 - 2014-12-03 15:13 - 00000000 _____ () C:\Users\Tim\AppData\Local\{7449D0F4-AD5C-4D8A-BA98-687BB5203CD2}
2014-12-02 17:53 - 2014-12-02 17:53 - 00001068 _____ () C:\Users\Tim\Desktop\BMW.lnk
2014-12-02 17:32 - 2014-12-02 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-02 17:32 - 2014-12-02 17:32 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-02 17:21 - 2014-12-05 14:31 - 00001296 _____ () C:\Windows\setupact.log
2014-12-02 17:21 - 2014-12-05 14:30 - 00004726 _____ () C:\Windows\PFRO.log
2014-12-02 17:21 - 2014-12-02 17:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-02 17:12 - 2014-12-02 17:12 - 00000085 _____ () C:\Windows\wininit.ini
2014-12-02 17:08 - 2014-12-02 17:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-02 17:08 - 2014-12-02 17:12 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-02 17:08 - 2014-12-02 17:08 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-12-02 17:04 - 2014-12-02 17:05 - 00376202 _____ () C:\Users\Tim\Desktop\cc_20141202_170449.reg
2014-12-02 16:45 - 2014-12-02 16:45 - 00000000 __HDC () C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}
2014-12-02 16:45 - 2014-12-02 16:45 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Stardock
2014-12-02 16:45 - 2014-12-02 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2014-12-02 16:36 - 2014-12-02 16:36 - 00880784 _____ (Google Inc.) C:\Users\Tim\Downloads\ChromeSetup.exe
2014-12-02 16:19 - 2014-12-02 16:19 - 13485202 _____ () C:\Users\Tim\Downloads\hitmanpro379.zip
2014-12-02 16:17 - 2014-12-02 16:17 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Tim\Downloads\spybot-2.4.exe
2014-12-02 16:07 - 2014-12-02 16:07 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-12-02 13:51 - 2014-12-02 13:51 - 00000000 ___DL () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-02 13:46 - 2014-12-02 15:02 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\SymMover
2014-12-02 13:46 - 2014-12-02 13:46 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SymMover
2014-12-02 13:44 - 2014-12-02 13:45 - 00000000 ____D () C:\Users\Tim\Symmover
2014-12-01 19:03 - 2014-12-01 19:03 - 00003132 _____ () C:\Windows\System32\Tasks\{2CB07BE7-18B5-42B0-9745-695514D19B69}
2014-12-01 14:06 - 2014-12-01 14:06 - 00003172 _____ () C:\Windows\System32\Tasks\UNELEVATE_17776
2014-11-30 17:01 - 2014-11-30 17:01 - 00004656 _____ () C:\Windows\SysWOW64\abengine.ini
2014-11-30 17:01 - 2014-11-30 17:01 - 00003086 _____ () C:\Windows\System32\Tasks\upfs7214
2014-11-30 17:01 - 2014-11-30 17:01 - 00002560 _____ () C:\Windows\SysWOW64\abengineOff.ini
2014-11-30 17:01 - 2014-11-30 17:01 - 00002560 _____ () C:\Windows\system32\abengineOff.ini
2014-11-30 17:01 - 2014-11-23 23:23 - 00370584 _____ (Abengine) C:\Windows\system32\abengine64.dll
2014-11-30 16:59 - 2014-11-30 16:59 - 00003732 _____ () C:\Windows\System32\Tasks\SMupdate1
2014-11-30 16:58 - 2014-11-30 16:59 - 00003592 _____ () C:\Windows\System32\Tasks\YTDownloader
2014-11-30 16:58 - 2014-11-30 16:58 - 00003582 _____ () C:\Windows\System32\Tasks\YTDownloaderUpd
2014-11-30 16:57 - 2014-11-30 20:23 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\itesing
2014-11-30 15:52 - 2014-12-01 19:00 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Anvsoft
2014-11-30 15:52 - 2014-11-30 15:52 - 00000000 ____D () C:\Users\Tim\Documents\Any Video Converter
2014-11-30 14:45 - 2014-11-30 20:23 - 00000000 ____D () C:\Users\Tim\AppData\Local\MAGIX_Software_GmbH
2014-11-29 15:04 - 2014-11-29 15:04 - 00000000 __SHD () C:\Users\Tim\AppData\Local\EmieBrowserModeList
2014-11-29 14:28 - 2014-11-30 15:56 - 00538128 _____ () C:\Users\Tim\Desktop\2014_09 HB-HH-HB.MVP
2014-11-22 22:43 - 2014-11-22 22:43 - 00000000 ____D () C:\Users\Tim\Desktop\Xperia Z
2014-11-22 21:08 - 2014-11-22 22:41 - 00000000 ____D () C:\Users\Tim\Desktop\Handy fotos
2014-11-21 15:32 - 2014-11-22 13:17 - 00000000 ____D () C:\Users\Tim\Desktop\Fotos Videos papa
2014-11-19 16:41 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 16:41 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 16:41 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 16:41 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-16 15:37 - 2014-11-16 15:37 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2014-11-16 15:37 - 2014-11-16 15:37 - 00000000 ____D () C:\Program Files (x86)\Spirent Communications
2014-11-13 17:32 - 2014-11-13 17:32 - 00000000 __SHD () C:\Users\Chiara\AppData\Local\EmieBrowserModeList
2014-11-13 17:07 - 2014-11-13 17:07 - 01942161 _____ () C:\Users\Chiara\Downloads\wave-interference_en.jar
2014-11-13 17:07 - 2014-11-13 17:07 - 00000000 ____D () C:\Users\Chiara\.phet
2014-11-12 15:44 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 15:44 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 15:44 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 15:44 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 15:44 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 15:44 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 15:44 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 15:44 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 15:44 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 15:44 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 15:44 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 15:44 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 15:44 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 15:44 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 15:44 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 15:44 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 15:44 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 15:44 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 15:44 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 15:44 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 15:44 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 15:44 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 15:44 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 15:44 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 15:44 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 15:44 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 15:44 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 15:44 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 15:44 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 15:44 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 15:44 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 15:44 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 15:44 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 15:44 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 15:44 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 15:44 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 15:44 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 15:44 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 15:44 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 15:44 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 15:44 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 15:44 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 15:44 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 15:44 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 15:44 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 15:44 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 15:44 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 15:44 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 15:44 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 15:44 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 15:44 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 15:44 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 15:44 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 15:44 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 15:44 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 15:44 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 15:44 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 15:44 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 15:44 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 15:44 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 15:44 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 15:44 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 15:44 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 15:44 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 15:44 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 15:44 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 15:44 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 15:44 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 15:43 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 15:43 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 15:43 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 15:43 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 15:43 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 15:43 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 15:43 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 15:43 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 15:43 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 15:43 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 15:43 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 15:43 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 15:43 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 15:43 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 15:43 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 15:43 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 15:43 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 15:43 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 15:43 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 15:43 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 15:43 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-07 20:05 - 2014-11-07 20:05 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2014-11-05 09:47 - 2014-11-05 09:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-05 09:46 - 2014-11-05 09:47 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-05 09:46 - 2014-11-05 09:47 - 00000000 ____D () C:\Program Files\iTunes
2014-11-05 09:46 - 2014-11-05 09:47 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-11-05 09:46 - 2014-11-05 09:46 - 00000000 ____D () C:\Program Files\iPod

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-05 14:39 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-05 14:39 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-05 14:36 - 2014-10-24 13:38 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Spotify
2014-12-05 14:36 - 2013-10-20 12:27 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-05 14:35 - 2013-10-18 12:54 - 01491851 _____ () C:\Windows\WindowsUpdate.log
2014-12-05 14:33 - 2014-09-15 15:54 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-05 14:32 - 2014-10-18 17:03 - 00000000 ____D () C:\Users\Tim\AppData\Local\LogMeIn Hamachi
2014-12-05 14:32 - 2013-11-17 13:10 - 00000000 ____D () C:\Users\Tim\AppData\Local\HTC MediaHub
2014-12-05 14:31 - 2014-09-09 20:21 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-05 14:31 - 2014-05-10 16:15 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-05 14:31 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-05 14:27 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-12-05 14:25 - 2014-05-10 16:15 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-04 20:36 - 2014-09-15 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-04 15:40 - 2014-09-14 18:41 - 00000000 ____D () C:\AdwCleaner
2014-12-04 15:10 - 2014-10-24 13:38 - 00000000 ____D () C:\Users\Tim\AppData\Local\Spotify
2014-12-02 19:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-02 17:05 - 2013-10-18 13:57 - 00000000 ____D () C:\Windows\pss
2014-12-02 13:44 - 2013-10-18 12:55 - 00000000 ____D () C:\Users\Tim
2014-12-01 20:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-01 19:53 - 2010-11-21 08:16 - 00000000 ____D () C:\Windows\ShellNew
2014-12-01 18:56 - 2014-05-10 16:16 - 00000000 ____D () C:\Users\Chiara\AppData\Local\LogMeIn Hamachi
2014-12-01 18:56 - 2013-11-17 12:35 - 00000000 ____D () C:\Users\Chiara\AppData\Local\HTC MediaHub
2014-11-30 20:23 - 2014-10-19 12:07 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WorldofTanks
2014-11-30 20:23 - 2014-07-02 19:46 - 00000000 ____D () C:\Users\Tim\Desktop\Neuer Ordner
2014-11-30 20:23 - 2014-05-10 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-30 20:23 - 2014-03-15 10:29 - 00000000 ____D () C:\Users\Tim\Desktop\Papa musik
2014-11-30 20:23 - 2013-11-02 09:53 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\vlc
2014-11-30 20:23 - 2013-10-30 16:44 - 00000000 ____D () C:\Users\Chiara
2014-11-30 20:23 - 2013-10-27 16:26 - 00000000 ____D () C:\Users\Tim\Documents\BMW
2014-11-30 20:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-30 17:06 - 2014-01-13 16:35 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\TeamViewer
2014-11-30 17:02 - 2014-10-18 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-30 17:02 - 2014-10-08 12:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bus-Simulator 2012
2014-11-30 17:02 - 2014-08-26 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-11-30 17:02 - 2014-08-25 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-11-30 17:02 - 2014-07-14 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
2014-11-30 17:02 - 2014-06-25 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-30 17:02 - 2014-06-22 07:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-11-30 17:02 - 2014-04-03 11:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gabelstapler Simulator 2009
2014-11-30 17:02 - 2014-02-27 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-11-30 17:02 - 2014-01-28 19:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-11-30 17:02 - 2014-01-14 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
2014-11-30 17:02 - 2013-12-06 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-11-30 17:02 - 2013-10-20 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-30 17:02 - 2013-10-20 13:06 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-11-30 17:02 - 2013-10-20 12:53 - 00000000 ____D () C:\ProgramData\AVG2014
2014-11-30 17:02 - 2013-10-18 12:55 - 00000000 ___RD () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-30 17:02 - 2011-05-06 23:34 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-11-30 17:02 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-30 17:02 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-30 17:02 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-30 17:01 - 2013-10-21 15:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-11-30 14:44 - 2014-02-23 12:08 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\MAGIX
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-23 11:37 - 2011-03-15 22:23 - 00714496 _____ () C:\Windows\system32\perfh007.dat
2014-11-23 11:37 - 2011-03-15 22:23 - 00154218 _____ () C:\Windows\system32\perfc007.dat
2014-11-23 11:37 - 2009-07-14 06:13 - 01660444 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-22 17:21 - 2013-10-27 16:26 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-11-21 15:32 - 2013-10-18 13:38 - 00170632 _____ () C:\Users\Tim\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-21 06:14 - 2014-09-15 15:54 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-21 06:14 - 2014-09-15 15:54 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2014-09-15 15:54 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-17 15:08 - 2014-05-10 16:15 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-17 15:08 - 2014-05-10 16:15 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-16 16:29 - 2014-06-07 20:19 - 00000000 ____D () C:\Users\Chiara\Desktop\Server
2014-11-16 15:42 - 2013-11-17 12:23 - 00170632 _____ () C:\Users\Chiara\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-16 15:41 - 2009-07-14 05:45 - 00563992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-16 15:38 - 2013-11-17 12:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2014-11-16 15:38 - 2013-11-17 12:32 - 00000000 ____D () C:\Program Files (x86)\HTC
2014-11-16 15:37 - 2013-11-17 12:33 - 00000000 ____D () C:\Users\Tim\AppData\Local\Downloaded Installations
2014-11-16 15:36 - 2013-11-17 12:32 - 00000000 ____D () C:\Temp
2014-11-13 04:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 03:26 - 2014-05-06 15:08 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 03:11 - 2014-01-13 17:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-13 03:08 - 2013-10-25 15:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 03:02 - 2013-10-25 15:27 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-10 13:54 - 2014-09-10 15:55 - 00000000 ____D () C:\Users\Chiara\AppData\Local\AVG Web TuneUp
2014-11-09 13:28 - 2014-10-19 12:08 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Opera Software
2014-11-09 13:28 - 2014-10-19 12:08 - 00000000 ____D () C:\Users\Tim\AppData\Local\Opera Software
2014-11-09 13:28 - 2014-10-19 12:08 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-11-09 12:49 - 2014-09-09 20:15 - 00000000 ____D () C:\Users\Tim\AppData\Local\AVG Web TuneUp
2014-11-08 13:49 - 2014-11-01 20:39 - 00000000 ____D () C:\Users\Tim\Documents\Flight Simulator X-Dateien
2014-11-07 21:24 - 2013-12-27 21:02 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\.minecraft
2014-11-07 20:05 - 2014-09-09 20:15 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-11-05 09:46 - 2014-06-22 07:48 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-11-05 09:46 - 2014-03-15 11:55 - 00000000 ____D () C:\Program Files\Common Files\Apple

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-29 18:24

==================== End Of Log ============================
         

--- --- ---

Addition.txt:

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-12-2014
Ran by Tim at 2014-12-05 14:41:40
Running from C:\Users\Tim\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 1.2.0 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.01.22 - ASUSTeK Computer Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.1.9.000 - Asmedia Technology)
ASUS Backup Wizard (HKLM-x32\...\{124C9BD0-8C52-40AB-8238-0605703B1C28}) (Version: 1.00.10 - ASUSTeK Computer Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4794 - AVG Technologies)
AVG 2014 (Version: 14.0.4235 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4794 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.0.0.19 - AVG Technologies)
Battlefield Play4Free (HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
BMW M3 Challenge (HKLM-x32\...\{C4CD208D-E3A2-488B-A4F4-FD8DE3DADD25}_is1) (Version: BMW M3 Challenge v1.0.0.0 - 10TACLE STUDIOS AG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bus-Simulator 2012 (HKLM-x32\...\Bus-Simulator 2012_is1) (Version:  - astragon)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
City Bus Simulator 2010 - Gold Edition (HKLM-x32\...\{9FB088BB-47DC-452C-BE8E-036E2243B4C8}) (Version: 1.00 - TML-Studios)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fences (HKLM-x32\...\Fences) (Version:  - Stardock Corporation)
Fences (Version: 1.0 - Stardock Corporation) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Flight Simulator X (HKLM-x32\...\RTMshadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Free MP4 Video Converter version 5.0.46.820 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.46.820 - DVDVideoSoft Ltd.)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP LaserJet Professional CM1410 Series (HKLM-x32\...\{0EF0EA0D-F945-4958-85CC-60FF1E86D216}) (Version:  - Hewlett-Packard)
HP LJ CM1410 MFP Series HP Scan (HKLM-x32\...\{21749F4E-02A1-4828-9A1E-BBDF5929C5D0}) (Version: 1.0.302.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPLaserJetHelp_LearnCenter (HKLM-x32\...\{22FE3793-5961-4ADE-AE66-69D9291C22B1}) (Version: 1.03.0000 - Hewlett-Packard)
HPLJUT (x32 Version: 1.00.0012 - HP) Hidden
hppCM1410LaserJetService (x32 Version: 001.008.00477 - Hewlett-Packard) Hidden
hppFaxDrvCM1410 (x32 Version: 003.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityCM1410 (x32 Version: 000.002.00001 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 002.015.00599 - Hewlett-Packard) Hidden
hppSendFaxCM1410 (x32 Version: 003.000.00001 - Hewlett-Packard) Hidden
hppTLBXFXCM1410 (x32 Version: 001.012.00948 - Hewlett-Packard) Hidden
hpzTLBXFX (x32 Version: 006.015.01163 - Hewlett-Packard) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.14.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.33.0 - HTC)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.279 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.279 - LogMeIn, Inc.) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{F6E484FB-BC48-4A63-8186-E25DF4607B3B}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Designelemente) (HKLM-x32\...\MX.{53BBE66D-C843-4E0A-A317-2F0B8FA29485}) (Version: 1.0.1.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Designelemente) (Version: 1.0.1.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Filmvorlagen) (HKLM-x32\...\MX.{BD329C68-4F9A-4ACD-A2D0-D6D59380E6E7}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Filmvorlagen) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (HKLM-x32\...\MX.{FBCA50BE-C022-45DA-9261-10230EC1012E}) (Version: 13.0.2.8 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Version: 13.0.2.8 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium Update (Version: 13.0.5.4 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Marketsplash Shortcuts (HKLM-x32\...\{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}) (Version: 1.0.0.9 - Hewlett-Packard)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Flight Simulator X Demo (HKLM-x32\...\InstallShield_{B98A34C0-A6A2-4087-B272-557C1C6D0A07}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Thunderbird 31.1.2 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.1.2 (x86 de)) (Version: 31.1.2 - Mozilla)
Mozilla Thunderbird 31.2.0 (x86 de) (HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Mozilla Thunderbird 31.2.0 (x86 de)) (Version: 31.2.0 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA Grafiktreiber 268.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.29 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.9.1 - pdfforge)
PhotoDose 5.1 (HKLM-x32\...\Photo Dose_is1) (Version:  - )
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{7236672F-6430-439E-9B27-27EDEAF1D676}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SL-6640-SBK BLACK WIDOW Flightstick (HKLM-x32\...\SL-6640-SBK BLACK WIDOW Flightstick) (Version:  - )
Spotify (HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SymMover (HKLM-x32\...\SymMover) (Version:  - )
TI Connect™ (HKLM-x32\...\{D06BA64C-4447-49B4-B99D-E85BEA9E1035}) (Version: 4.0.0.218 - Texas Instruments Inc.)
Virtual CD v10 (HKLM-x32\...\{10C51313-A308-4B40-90E3-B368D5882660}) (Version: 10.00.0 - H+H Software GmbH)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WorldofTanks (HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\WorldofTanks) (Version:  - WorldofTanks)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3274256860-3384179074-2863741347-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> D:\Programme\Blender\BlendThumb64.dll ()

==================== Restore Points  =========================

29-11-2014 17:30:59 Geplanter Prüfpunkt
30-11-2014 16:04:23 Removed HTC Driver Installer.
30-11-2014 19:18:51 Wiederherstellungsvorgang
01-12-2014 18:50:51 Revo Uninstaller's restore point - WorldofTanks
02-12-2014 16:15:06 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03324725-91F2-4B5C-A034-E26110AD72B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-10] (Google Inc.)
Task: {1730127B-3E29-42CB-AD15-B14A2EB8B95B} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {1813E5B8-9D56-4793-A2F0-D94FF86D82D7} - \ShopperPro No Task File <==== ATTENTION
Task: {228DB8E0-BDB0-416C-8661-F1C426CE6A1D} - System32\Tasks\upfs7214 => C:\PROGRA~2\Flowsurf\upfs7214.exe
Task: {2290C1E2-D480-4D07-ACBA-D30E54D25E71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-10] (Google Inc.)
Task: {234F10B2-4C6D-42A8-8224-691C0DA8639F} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {2549736E-8036-4ED3-852B-2D0C1B40CA23} - \PC Performer Scheduled Scan No Task File <==== ATTENTION
Task: {40354615-86AD-4467-8BA7-A2A1B8AA331D} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION
Task: {46E19EE6-1150-4B65-B080-3F036BB2871A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {5AEABF0D-0BC8-41B4-A4C2-81569FE277F6} - \SPDriver No Task File <==== ATTENTION
Task: {63BA8BCF-269F-4DCE-8E7D-DFCCF03CEF62} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe <==== ATTENTION
Task: {70025206-866D-480E-9860-AFE98A976CA2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {7CC1D3D8-5232-47EE-95C7-469EB2280DBF} - System32\Tasks\Google Updater and Installer => C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {8A02BA2F-0469-4455-A941-35993C066343} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-27] (ASUSTeK Computer Inc.)
Task: {9997E983-4740-486F-B30F-C421F9BE7C9F} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22] (Hewlett Packard)
Task: {99F9138D-D33C-467C-AE09-9053F3EFB9B2} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
Task: {9CE36BD0-1FC3-43BF-A48C-083D8FDA732C} - \PC Performer Logon Scan No Task File <==== ATTENTION
Task: {A0118C1C-A821-41FB-A511-DD058E857ACB} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {A0495D01-3C2C-4F92-88DD-4BF1E014A182} - System32\Tasks\ASUS\AsBackupWizard_Run => C:\Program Files (x86)\ASUS\\AsBackupWizard\\AsRunBkWizardHelper.exe [2010-04-24] (ASUSTeK Computer Inc.)
Task: {AA38C0B9-AA52-4279-B5E3-47FE3B27E3E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {D510C4F0-0979-42C5-9014-D59588772E17} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3274256860-3384179074-2863741347-1000
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {F02789BF-2AE7-4FFB-9304-D40B8F43DB14} - System32\Tasks\UNELEVATE_17776 => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1419\jsdrv.exe <==== ATTENTION
Task: {FD09A50D-92A7-4054-AEF9-9421DE85B416} - \ShopperProJSUpd No Task File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-05-06 23:25 - 2010-11-03 10:30 - 00918144 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
2011-05-06 23:25 - 2010-12-02 03:15 - 00915584 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
2011-05-06 23:25 - 2010-10-21 10:52 - 00586880 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-11-03 11:05 - 2014-11-03 11:05 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-10-24 13:38 - 2014-10-24 13:38 - 00613944 _____ () C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-05-06 23:25 - 2014-12-05 14:31 - 00019456 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\PEbiosinterface32.dll
2011-05-06 23:25 - 2010-06-29 03:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\ATKEX.dll
2014-11-03 11:04 - 2014-11-03 11:04 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-11-03 11:06 - 2014-11-03 11:06 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-11-03 11:07 - 2014-11-03 11:07 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2011-05-06 23:25 - 2011-01-12 19:53 - 00143360 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2011-05-06 23:25 - 2010-06-22 00:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2011-05-06 23:25 - 2009-08-13 05:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2011-05-06 23:25 - 2011-02-17 20:10 - 01035776 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2011-05-06 23:25 - 2011-01-20 21:09 - 00964096 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2011-05-06 23:26 - 2011-03-12 04:53 - 01257472 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2011-05-06 23:26 - 2011-01-06 19:38 - 01027072 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2011-05-06 23:25 - 2011-01-14 01:47 - 00881152 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2011-05-06 23:25 - 2010-09-28 05:51 - 01607168 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2011-05-06 23:25 - 2011-01-08 01:39 - 01246208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2011-05-06 23:25 - 2010-08-07 03:11 - 00850944 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2011-05-06 23:25 - 2010-08-07 03:13 - 00886272 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2011-05-06 23:25 - 2010-08-23 03:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMLib.dll
2014-10-24 13:38 - 2014-10-24 13:38 - 36966968 _____ () C:\Users\Tim\AppData\Roaming\Spotify\Data\libcef.dll
2014-10-27 22:05 - 2014-10-27 22:05 - 00117248 _____ () C:\Users\Tim\AppData\Roaming\itesing\marfacat.dll
2011-05-06 23:25 - 2010-06-22 00:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll
2014-10-24 13:38 - 2014-10-24 13:38 - 00867896 _____ () C:\Users\Tim\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-10-24 13:38 - 2014-10-24 13:38 - 00886840 _____ () C:\Users\Tim\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-10-24 13:38 - 2014-10-24 13:38 - 00108600 _____ () C:\Users\Tim\AppData\Roaming\Spotify\Data\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:F1A5FE8B

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\Windows\pss\Audible Download Manager.lnk.CommonStartup
MSCONFIG\startupreg: BlackBerryLink.exe => "C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe" /minimize
MSCONFIG\startupreg: FreePDF Assistant => "C:\Program Files (x86)\FreePDF_XP\fpassist.exe"
MSCONFIG\startupreg: HP LaserJet Professional CM1410 Series Fax => C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe "HP LaserJet Professional CM1410 Series Fax"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PDFPrint => D:\Programme\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: ToolboxFX => "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
MSCONFIG\startupreg: VC10Player => C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe
MSCONFIG\startupreg: YTDownloader => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot

========================= Accounts: ==========================

Administrator (S-1-5-21-3274256860-3384179074-2863741347-500 - Administrator - Disabled)
Chiara (S-1-5-21-3274256860-3384179074-2863741347-1003 - Limited - Enabled) => C:\Users\Chiara
Gast (S-1-5-21-3274256860-3384179074-2863741347-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3274256860-3384179074-2863741347-1002 - Limited - Enabled)
Tim (S-1-5-21-3274256860-3384179074-2863741347-1000 - Administrator - Enabled) => C:\Users\Tim

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/05/2014 02:32:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2014 03:52:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2014 03:09:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8221

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8221

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/02/2014 08:28:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7223

Error: (12/02/2014 08:28:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7223

Error: (12/02/2014 08:28:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/02/2014 08:28:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6224


System errors:
=============
Error: (12/05/2014 02:31:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater18.1.10" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/04/2014 03:51:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater18.1.10" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/04/2014 03:08:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater18.1.10" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/02/2014 05:32:38 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (12/02/2014 05:31:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Client Virtualization Handler" ist vom Dienst "Application Virtualization Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1053

Error: (12/02/2014 05:31:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Application Virtualization Client" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/02/2014 05:31:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Application Virtualization Client erreicht.

Error: (12/02/2014 05:30:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater18.1.10" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/02/2014 05:29:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (12/02/2014 05:29:04 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WMPNetworkSvc" konnte sich nicht als "NT AUTHORITY\NetworkService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================
Error: (12/05/2014 02:32:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2014 03:52:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2014 03:09:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8221

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8221

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/02/2014 08:28:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7223

Error: (12/02/2014 08:28:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7223

Error: (12/02/2014 08:28:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/02/2014 08:28:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6224


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 28%
Total physical RAM: 8104.29 MB
Available physical RAM: 5834.93 MB
Total Pagefile: 16206.77 MB
Available Pagefile: 13498.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (WIN7) (Fixed) (Total:745.21 GB) (Free:552.46 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:1103.63 GB) (Free:756.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: CB5BD2B2)
Partition 1: (Not Active) - (Size=14.2 GB) - (Type=1B)
Partition 2: (Active) - (Size=745.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1103.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Nach dem Fix hast du aber den Neustart durchgeführt ?

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code: Alles auswählenAufklappen

ATTFilter

Task: {1813E5B8-9D56-4793-A2F0-D94FF86D82D7} - \ShopperPro No Task File <==== ATTENTION

Task: {234F10B2-4C6D-42A8-8224-691C0DA8639F} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION

Task: {2549736E-8036-4ED3-852B-2D0C1B40CA23} - \PC Performer Scheduled Scan No Task File <==== ATTENTION

Task: {40354615-86AD-4467-8BA7-A2A1B8AA331D} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION

Task: {5AEABF0D-0BC8-41B4-A4C2-81569FE277F6} - \SPDriver No Task File <==== ATTENTION

Task: {63BA8BCF-269F-4DCE-8E7D-DFCCF03CEF62} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe <==== ATTENTION

Task: {99F9138D-D33C-467C-AE09-9053F3EFB9B2} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION

Task: {9CE36BD0-1FC3-43BF-A48C-083D8FDA732C} - \PC Performer Logon Scan No Task File <==== ATTENTION

Task: {A0118C1C-A821-41FB-A511-DD058E857ACB} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION

Task: {F02789BF-2AE7-4FFB-9304-D40B8F43DB14} - System32\Tasks\UNELEVATE_17776 => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1419\jsdrv.exe <==== ATTENTION

Task: {FD09A50D-92A7-4054-AEF9-9421DE85B416} - \ShopperProJSUpd No Task File <==== ATTENTION
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

• Starte nun FRST erneut und klicke den Entfernen Button.
• Das Tool erstellt eine Fixlog.txt.
• Poste mir deren Inhalt.

Und Rechner Neustarten bitte.

Dann nochmal JRT neu runterladen, starten.
Falls wieder ein Fehler kommt, bitte nen Screenshot von der Meldung und in der Antwort als "Anhang" anfügen.


Dankööö

Ja, Neustart wurde vom Programm und bei diesem Fix durchgeführt.

Code: Alles auswählenAufklappen

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-12-2014
Ran by Tim at 2014-12-05 15:54:47 Run:2
Running from C:\Users\Tim\Downloads
Loaded Profile: Tim (Available profiles: Tim & Chiara)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Task: {1813E5B8-9D56-4793-A2F0-D94FF86D82D7} - \ShopperPro No Task File <==== ATTENTION

Task: {234F10B2-4C6D-42A8-8224-691C0DA8639F} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION

Task: {2549736E-8036-4ED3-852B-2D0C1B40CA23} - \PC Performer Scheduled Scan No Task File <==== ATTENTION

Task: {40354615-86AD-4467-8BA7-A2A1B8AA331D} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION

Task: {5AEABF0D-0BC8-41B4-A4C2-81569FE277F6} - \SPDriver No Task File <==== ATTENTION

Task: {63BA8BCF-269F-4DCE-8E7D-DFCCF03CEF62} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe <==== ATTENTION

Task: {99F9138D-D33C-467C-AE09-9053F3EFB9B2} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION

Task: {9CE36BD0-1FC3-43BF-A48C-083D8FDA732C} - \PC Performer Logon Scan No Task File <==== ATTENTION

Task: {A0118C1C-A821-41FB-A511-DD058E857ACB} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION

Task: {F02789BF-2AE7-4FFB-9304-D40B8F43DB14} - System32\Tasks\UNELEVATE_17776 => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1419\jsdrv.exe <==== ATTENTION

Task: {FD09A50D-92A7-4054-AEF9-9421DE85B416} - \ShopperProJSUpd No Task File <==== ATTENTION
         
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1813E5B8-9D56-4793-A2F0-D94FF86D82D7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1813E5B8-9D56-4793-A2F0-D94FF86D82D7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperPro" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{234F10B2-4C6D-42A8-8224-691C0DA8639F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{234F10B2-4C6D-42A8-8224-691C0DA8639F}" => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\SMupdate2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2549736E-8036-4ED3-852B-2D0C1B40CA23}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2549736E-8036-4ED3-852B-2D0C1B40CA23}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer Scheduled Scan" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{40354615-86AD-4467-8BA7-A2A1B8AA331D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40354615-86AD-4467-8BA7-A2A1B8AA331D}" => Key deleted successfully.
C:\Windows\System32\Tasks\YTDownloaderUpd => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTDownloaderUpd" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5AEABF0D-0BC8-41B4-A4C2-81569FE277F6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AEABF0D-0BC8-41B4-A4C2-81569FE277F6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPDriver" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{63BA8BCF-269F-4DCE-8E7D-DFCCF03CEF62}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63BA8BCF-269F-4DCE-8E7D-DFCCF03CEF62}" => Key deleted successfully.
C:\Windows\System32\Tasks\YTDownloader => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTDownloader" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{99F9138D-D33C-467C-AE09-9053F3EFB9B2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99F9138D-D33C-467C-AE09-9053F3EFB9B2}" => Key deleted successfully.
C:\Windows\System32\Tasks\SMupdate1 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMupdate1" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9CE36BD0-1FC3-43BF-A48C-083D8FDA732C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CE36BD0-1FC3-43BF-A48C-083D8FDA732C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer Logon Scan" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A0118C1C-A821-41FB-A511-DD058E857ACB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0118C1C-A821-41FB-A511-DD058E857ACB}" => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Multimedia\SMupdate3" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F02789BF-2AE7-4FFB-9304-D40B8F43DB14}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F02789BF-2AE7-4FFB-9304-D40B8F43DB14}" => Key deleted successfully.
C:\Windows\System32\Tasks\UNELEVATE_17776 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UNELEVATE_17776" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FD09A50D-92A7-4054-AEF9-9421DE85B416}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD09A50D-92A7-4054-AEF9-9421DE85B416}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperProJSUpd" => Key deleted successfully.

==== End of Fixlog ====
         

JRT Screenshots sind als Anhänge dabei. Nach dem 2. Bild verfallen beide Fenster und nichts geschieht.

OK, dann überspringe wir JRT.


Downloade Dir bitte Malwarebytes Anti-Malware

• Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
• Starte Malwarebytes' Anti-Malware (MBAM).
• Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
• Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
• Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
• Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
• Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
• Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Falls es schon Malwarebytes Logs gibt, diese bitte posten.

Und bitte neue FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken

Mit Malwarebytes habe ich schonmal gescannt, habe es allerdings vergessen die Logdatei einzustellen
Von gestern:

Code: Alles auswählenAufklappen

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 04.12.2014
Suchlauf-Zeit: 20:46:33
Logdatei: 
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2014.12.04.09
Rootkit Datenbank: v2014.12.03.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Tim

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 390821
Verstrichene Zeit: 6 Min, 45 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 2
PUP.Optional.SpeedCheck.A, C:\Windows\Tasks\SpeedCheck Update.job, In Quarantäne, [f6e3da84106ca98d5a26aca5d92a4cb4], 
PUP.Optional.Speedcheck.A, C:\Windows\System32\Tasks\SpeedCheck Update, In Quarantäne, [4099104ea2da6bcbcab7024fc24136ca], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         

Von heute:

Code: Alles auswählenAufklappen

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 05.12.2014
Suchlauf-Zeit: 21:32:53
Logdatei: 
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2014.12.05.11
Rootkit Datenbank: v2014.12.03.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Tim

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 390847
Verstrichene Zeit: 8 Min, 5 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         

Ich hatte Malwarebytes schon auf dem PC installiert, bevor ich dieses Programm hatte.. Deshalb habe ich auch schon etwa 5 mal gescannt. Vielleicht hilft es den letzten Scan auch mit rein zu packen. Hier hatte ich das Problem schon.
1.12.2014:

Code: Alles auswählenAufklappen

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 01.12.2014
Suchlauf-Zeit: 19:40:07
Logdatei: 
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.09.15.07
Rootkit Datenbank: v2014.09.15.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Tim

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 374517
Verstrichene Zeit: 8 Min, 0 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 1
PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 1840, Löschen bei Neustart, [bd36cf1e0279f442b35a862c51b0827e]

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 26
PUP.Optional.WindowsProtectManger.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, In Quarantäne, [bd36cf1e0279f442b35a862c51b0827e], 
PUP.Optional.WindowsProtectManger.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WindowsMangerProtect, In Quarantäne, [bd36cf1e0279f442b35a862c51b0827e], 
Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\YTDownloader, In Quarantäne, [3db6787582f92f078e175e24828009f7], 
PUP.Optional.ShopperPro, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPDRIVER_1.37.0.1419, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, In Quarantäne, [05eede0fee8d181ea362adbc20e4cb35], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3274256860-3384179074-2863741347-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [549fda138af18fa7bbdf171b3fc4c739], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3274256860-3384179074-2863741347-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [797a7578423968ce71841f2963a1b34d], 
PUP.Optional.Qone8, HKU\S-1-5-21-3274256860-3384179074-2863741347-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [549f6d80fb80a3935e32f85cd82c42be], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\TYPELIB\{8FB1A663-2820-468B-95C4-5060A4C5F413}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\INTERFACE\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{8FB1A663-2820-468B-95C4-5060A4C5F413}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\ShopperPro.ShopperProBHO.1, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\ShopperPro.ShopperProBHO, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ShopperPro.ShopperProBHO, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ShopperPro.ShopperProBHO.1, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 
PUP.Optional.ShopperPro, HKU\S-1-5-21-3274256860-3384179074-2863741347-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 
PUP.Optional.ShopperPro, HKU\S-1-5-21-3274256860-3384179074-2863741347-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 
PUP.Optional.ShopperPro, HKU\S-1-5-21-3274256860-3384179074-2863741347-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 
PUP.Optional.ShopperPro, HKU\S-1-5-21-3274256860-3384179074-2863741347-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 
PUP.Optional.ShopperPro, HKLM\SOFTWARE\CLASSES\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}\INPROCSERVER32, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 

Registrierungswerte: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3274256860-3384179074-2863741347-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0N2X1N, In Quarantäne, [797a7578423968ce71841f2963a1b34d]

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 9
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\content, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1419, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Löschen bei Neustart, [b83b05e8f388a591dee1a8418c76fb05], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [b83b05e8f388a591dee1a8418c76fb05], 
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro, In Quarantäne, [13e097565e1d44f25d7aa5513ac86a96], 
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 

Dateien: 33
PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Löschen bei Neustart, [bd36cf1e0279f442b35a862c51b0827e], 
Trojan.Agent, C:\Program Files (x86)\YTDownloader\YTDUninstall.exe, In Quarantäne, [3db6787582f92f078e175e24828009f7], 
Trojan.Agent, C:\Users\Tim\AppData\Local\Temp\Install_31637\ytd.exe, In Quarantäne, [4fa440adaad1d2643a6b493930d21ee2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\ShopperPro.exe, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\config.json, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\database1_0_0.json, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\manifest.json, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\ShopperPro.dll, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\ShopperPro64.dll, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\Updater.exe, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\chrome.manifest, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\install.rdf, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\content\overlay.js, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\content\overlay.xul, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\FireFox\content\shopperpro_128.png, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\jsdrv.exe, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\jsdrv.sys, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1419\config.json, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1419\database1_0_0.json, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1419\jsdrv.exe, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1419\jsdrv.sys, In Quarantäne, [876ce706a1daee48c401e125fa095ea2], 
PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\ShopperPro, In Quarantäne, [6c87bb32c5b6af87923e8086b54eac54], 
PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\ShopperProJSUpd, In Quarantäne, [49aacb224536ca6c9140dc2afe052ad6], 
PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\SPDriver, In Quarantäne, [797acd2062194fe7cc0659ad838044bc], 
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbici32.dll, In Quarantäne, [13e097565e1d44f25d7aa5513ac86a96], 
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbici64.dll, In Quarantäne, [13e097565e1d44f25d7aa5513ac86a96], 
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbii32.exe, In Quarantäne, [13e097565e1d44f25d7aa5513ac86a96], 
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbii64.exe, In Quarantäne, [13e097565e1d44f25d7aa5513ac86a96], 
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\config.json, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\database1_0_0.json, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\ShopperPro.dll, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\ShopperPro64.dll, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 
PUP.Optional.ShopperPro, C:\ProgramData\ShopperPro\spbihe.js, In Quarantäne, [b63d30bdea91ed494b17c3357b87b64a], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         

Hier hatte ich das Problem noch nicht...

Code: Alles auswählenAufklappen

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 15.09.2014
Suchlauf-Zeit: 16:54:36
Logdatei: 
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.09.15.07
Rootkit Datenbank: v2014.09.15.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Tim

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 366548
Verstrichene Zeit: 8 Min, 49 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 4
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3274256860-3384179074-2863741347-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [cd268964532871c541b2394bb44e6d93], 
PUP.Optional.PCPerformer, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PCPerformer_is1, In Quarantäne, [35be955827546bcbc965af56a45fef11], 
PUP.Optional.AddLyrics, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WEBINSTR, In Quarantäne, [d61d608d304b152115fcf8071ee4fe02], 
PUP.Optional.MultiIE.A, HKU\S-1-5-21-3274256860-3384179074-2863741347-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, In Quarantäne, [35be8d60f6858da9ec78333343c154ac], 

Registrierungswerte: 3
PUP.Optional.AddLyrics, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WEBINSTR|DisplayName, webinstr, In Quarantäne, [d61d608d304b152115fcf8071ee4fe02]
PUP.Optional.SpeedTest, HKU\S-1-5-21-3274256860-3384179074-2863741347-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|speedtest199@BestOffers, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers, In Quarantäne, [28cbd01dfa81af87abede0280102e020]
Trojan.Agent, HKU\S-1-5-21-3274256860-3384179074-2863741347-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Updater, C:\ProgramData\Updater\updater.exe, In Quarantäne, [2fc439b4d6a569cd86ffb2a345bf06fa]

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 7
PUP.Optional.Conduit.A, C:\Users\Tim\AppData\Local\Temp\CT3323737, In Quarantäne, [17dc40ad58233ef8b35a7e54ef1314ec], 
PUP.Optional.Extutil.A, C:\Users\Tim\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, In Quarantäne, [c92a40ad80fb0f27545ba04917eb44bc], 
PUP.Optional.Managera.A, C:\Users\Tim\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, In Quarantäne, [c72c1ecf691252e44769d3167989ff01], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\skin, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 

Dateien: 76
PUP.Optional.AdLyrics, C:\Program Files (x86)\ver1SpeedCheck\b5SpeedCheckh25.exe, In Quarantäne, [08eb6a83c9b20f272a43d380639d25db], 
PUP.Optional.Softonic.A, C:\$Recycle.Bin\S-1-5-21-3274256860-3384179074-2863741347-1000\$R1V0ZN1.exe, In Quarantäne, [c3304da07a01da5ce71e00304db449b7], 
PUP.Optional.Softonic.A, C:\$Recycle.Bin\S-1-5-21-3274256860-3384179074-2863741347-1000\$ROY0O0U.exe, In Quarantäne, [1bd833bac9b2dc5aa3626dc3907105fb], 
PUP.Optional.Conduit.A, C:\Users\Chiara\AppData\Local\Temp\SPSetup.exe, In Quarantäne, [fef58a635a210f2790b332fc25dc768a], 
PUP.Optional.SearchProtect.A, C:\Users\Tim\AppData\Local\Temp\nsnF7C4.exe, In Quarantäne, [48ab935a3f3c49ed0151a396ea17df21], 
PUP.Optional.SearchProtect.A, C:\Users\Tim\AppData\Local\Temp\nsxF2F9.exe, In Quarantäne, [27ccb736483355e1bd955bde639ee21e], 
PUP.Optional.SearchProtect.A, C:\Users\Tim\AppData\Local\Temp\nsxF5DF.exe, In Quarantäne, [0ce76b821a6159dd4f03cd6c36cbd12f], 
PUP.Optional.SearchProtect.A, C:\Users\Tim\AppData\Local\Temp\nshAA3E.exe, In Quarantäne, [0ee569847efd0a2ca8aa2b0e629f827e], 
PUP.Optional.SearchProtect.A, C:\Users\Tim\AppData\Local\Temp\nsnA83B.exe, In Quarantäne, [bc37d914106b46f0cc8695a425dc13ed], 
PUP.Optional.NewPlayer, C:\Users\Tim\AppData\Local\Temp\92EFtmp\newvideoplayersetup.exe, In Quarantäne, [71827e6f5c1fc86e9ac93b7a8879936d], 
PUP.Optional.SearchHijacker.A, C:\Users\Tim\AppData\Local\Temp\92F0tmp\lly_istartsurf.exe, In Quarantäne, [906311dcbac1023438331d9129d828d8], 
Trojan.Agent, C:\Users\Tim\AppData\Local\Temp\is-ESLEQ.tmp\netlogger.exe, In Quarantäne, [63906786730842f4c001258fdd24ab55], 
PUP.Optional.Conduit.A, C:\Users\Tim\AppData\Local\Temp\nsh90F2\SpSetup.exe, In Quarantäne, [af44816c176472c4c57e5ad4c04132ce], 
PUP.Optional.AdLyrics, C:\Users\Tim\AppData\Local\Temp\92F1tmp\3333-2081_speedcheck.exe, In Quarantäne, [6a89eb02314a3ef8a3caada6e61af40c], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsf7CFE.exe, In Quarantäne, [a053d21b9ddeda5c143ea09924dd9967], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsh51CB.exe, In Quarantäne, [d91a599475060e28fa58e15879880ef2], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsh5FD0.exe, In Quarantäne, [e40f628bfb80e2540e4401380ff2f709], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsm5BF9.exe, In Quarantäne, [c82bdf0e4239f83eb1a10d2cf40dd927], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsm8910.exe, In Quarantäne, [f20105e857241a1c450df049c63b0cf4], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsm89AC.exe, In Quarantäne, [a84bfdf015665adc61f199a0956cce32], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nss51BC.exe, In Quarantäne, [0de6af3eeb90de5820320f2a1de408f8], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsv70DD.exe, In Quarantäne, [af440be287f40630aca658e1ca3732ce], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsv8104.exe, In Quarantäne, [33c0b5382358a096ef63e356a958817f], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsw2684.exe, In Quarantäne, [757e01ec90eb38fee36ffb3e36cb5da3], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nswC015.exe, In Quarantäne, [22d137b66b1058de440e53e6a55c31cf], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsxAA38.exe, In Quarantäne, [747f8a639cdf8fa7db77d0698180fd03], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsa70FC.exe, In Quarantäne, [3fb45a93295257df2929c772ef126a96], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nscA661.exe, In Quarantäne, [688be70695e6c373a6acbe7b649d5ba5], 
PUP.Optional.DomaIQ, C:\Users\Tim\Downloads\Player Setup (1).exe, In Quarantäne, [f003faf3710ad165ae336ce73dc3cb35], 
PUP.Optional.DomaIQ, C:\Users\Tim\Downloads\Player Setup.exe, In Quarantäne, [faf9d31aaccfa88ed908aea5689832ce], 
PUP.Optional.PCPerformer.A, C:\Windows\System32\Tasks\PC Performer Logon Scan, In Quarantäne, [d71c01ec1c5ff145f99bbd47669daa56], 
PUP.Optional.PCPerformer.A, C:\Windows\System32\Tasks\PC Performer Scheduled Scan, In Quarantäne, [db18e409a6d594a2dfb553b15ea5956b], 
PUP.Optional.PCPerformer, C:\Windows\performersoftsetup.dll, In Quarantäne, [559e7776205b7db932fa81847093b54b], 
PUP.Optional.Superfish.A, C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, In Quarantäne, [2ac9a24b7902a78f842697836c973cc4], 
PUP.Optional.Superfish.A, C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, In Quarantäne, [6c875a937cff69cd4961f02a669d55ab], 
PUP.Optional.Websteroids.A, C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d.websteroidsapp.com_0.localstorage, In Quarantäne, [599a3db0abd0d3634edb38ed2dd66799], 
PUP.Optional.Websteroids.A, C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d.websteroidsapp.com_0.localstorage-journal, In Quarantäne, [f8fb97560675340261c83ee7c43feb15], 
PUP.Optional.AddLyrics, C:\Windows\System32\drivers\webinstr.sys, In Quarantäne, [d61d608d304b152115fcf8071ee4fe02], 
PUP.Optional.Conduit.A, C:\Users\Tim\AppData\Local\Temp\CT3323737\ddt.csf, In Quarantäne, [17dc40ad58233ef8b35a7e54ef1314ec], 
PUP.Optional.Extutil.A, C:\Users\Tim\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, In Quarantäne, [c92a40ad80fb0f27545ba04917eb44bc], 
PUP.Optional.Extutil.A, C:\Users\Tim\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, In Quarantäne, [c92a40ad80fb0f27545ba04917eb44bc], 
PUP.Optional.Extutil.A, C:\Users\Tim\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, In Quarantäne, [c92a40ad80fb0f27545ba04917eb44bc], 
PUP.Optional.Managera.A, C:\Users\Tim\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, In Quarantäne, [c72c1ecf691252e44769d3167989ff01], 
PUP.Optional.Managera.A, C:\Users\Tim\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, In Quarantäne, [c72c1ecf691252e44769d3167989ff01], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome.manifest, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\icon.png, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\install.rdf, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\background.html, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\button.js, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\button.xml, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\config.js, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\content.js, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\framework.js, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\framework.png, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\framework.xul, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon128.ico, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon128.png, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon16.ico, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon16.png, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon18.ico, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon18.png, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon24.ico, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon24.png, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon32.ico, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon32.png, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon48.ico, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon48.png, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon64.ico, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\icon64.png, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\jquery-1.9.1.min.js, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\options.xul, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\rjs.js, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\settings.json, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\content\subscriptloader.js, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.SpeedTest.A, C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers\chrome\skin\framework.css, In Quarantäne, [42b1dc11a9d22d097686cc1d12f03cc4], 
PUP.Optional.IStartSurf.A, C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\preferences, Gut: (), Schlecht: (		"search_url": "hxxp://www.istartsurf.com/web/?type=ds&ts=1410290519&from=tugs&uid=WDCXWD20EARX-22PASB0_WD-WCAZA953752537525&q={searchTerms}"), Ersetzt,[73807b728deecd694c21c36d0ff69769]

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         

Hier noch den FRST log:

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-12-2014
Ran by Tim (administrator) on SPIELE-PC-DIETZ on 06-12-2014 14:21:29
Running from C:\Users\Tim\Downloads
Loaded Profile: Tim (Available profiles: Tim & Chiara)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamscheduler.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(Malwarebytes Corporation) D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbam.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgemca.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Spotify Ltd) C:\Users\Tim\AppData\Roaming\Spotify\spotify.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgui.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
() C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVG_UI] => D:\Programme\AVG Anti-Virus\AVG 2014\avgui.exe [5188112 2014-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-12-01] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Run: [Spotify] => C:\Users\Tim\AppData\Roaming\Spotify\spotify.exe [6553144 2014-10-24] (Spotify Ltd)
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Run: [Spotify Web Helper] => C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-24] (Spotify Ltd)
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\MountPoints2: {3ad8cc06-2842-11e4-b6df-5404a667c7bf} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\start.exe
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\MountPoints2: {7aeabb5e-d847-11e3-8a0a-5404a667c7bf} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\MountPoints2: {8022c7e1-0128-11e4-a871-5404a667c7bf} - F:\Startme.exe
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\MountPoints2: {c447e447-7c6d-11e3-b9be-5404a667c7bf} - G:\SETUP.EXE
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xEA318F53FECBCE01
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-3274256860-3384179074-2863741347-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> D:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-28]
FF HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Firefox\Extensions: [{38193564-FF03-06D0-0062-53FFFF2F9C05}] - C:\Program Files (x86)\ver1SpeedCheck\178.xpi

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=1417363290&from=amt&uid=WDCXWD20EARX-22PASB0_WD-WCAZA953752537525
CHR StartupUrls: Default -> "https://www.google.de/"
CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-02]
CHR Extension: (WOT) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-12-02]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2014-10-24]
CHR Extension: (Adblock Plus) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-18]
CHR Extension: (Google Wallet) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 AVGIDSAgent; D:\Programme\AVG Anti-Virus\AVG 2014\avgidsagent.exe [3247120 2014-11-07] (AVG Technologies CZ, s.r.o.)
R2 avgwd; D:\Programme\AVG Anti-Virus\AVG 2014\avgwdsvc.exe [289328 2014-11-07] (AVG Technologies CZ, s.r.o.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-25] (HP) [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-11-14] (LogMeIn, Inc.)
R2 MBAMScheduler; D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S2 SkypeUpdate; D:\Programme\Skype\Updater\Updater.exe [171680 2013-09-05] (Skype Technologies)
R2 VC10SecS; C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe [147464 2013-01-08] (H+H Software GmbH)
S2 vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [X]
R3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-08-09] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-09] (SafeNet Inc.)
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [36448 2011-01-30] (Asmedia Technology)
R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2008-01-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-09] (AVG Technologies)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-09] (SafeNet Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-06-23] (Research in Motion Limited)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R1 vdrv1000; C:\Windows\System32\Drivers\VDRV1000.SYS [226080 2012-12-06] (H+H Software GmbH)
S3 HH10Help.sys; \??\C:\Windows\system32\drivers\HH10Help.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 14:21 - 2014-12-06 14:22 - 00019652 _____ () C:\Users\Tim\Downloads\FRST.txt
2014-12-06 14:21 - 2014-12-06 14:21 - 00000000 ____D () C:\Users\Tim\Downloads\FRST-OlderVersion
2014-12-05 16:04 - 2014-12-05 16:09 - 00000000 ____D () C:\Users\Tim\AppData\Local\www.rene-zeidler.de
2014-12-05 16:04 - 2014-12-05 16:04 - 00437645 _____ () C:\Users\Tim\Downloads\SnippingToolPlusv3-4-1-0.zip
2014-12-05 16:04 - 2014-12-05 16:04 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\www.rene-zeidler.de
2014-12-05 16:04 - 2014-12-05 16:04 - 00000000 ____D () C:\ProgramData\www.rene-zeidler.de
2014-12-05 16:03 - 2014-12-05 16:03 - 01174352 _____ () C:\Users\Tim\Downloads\Snipping Tool Plus - CHIP-Installer.exe
2014-12-05 16:01 - 2014-12-05 16:01 - 01707646 _____ (Thisisu) C:\Users\Tim\Downloads\JRT64.exe
2014-12-05 15:54 - 2014-12-05 15:54 - 00000000 ____D () C:\Users\Tim\Downloads\Neuer Ordner
2014-12-04 20:55 - 2014-12-04 20:55 - 00001406 _____ () C:\Users\Tim\Desktop\mbam.txt
2014-12-04 20:33 - 2014-12-04 20:33 - 01707646 _____ (Thisisu) C:\Users\Tim\Desktop\JRT64.exe
2014-12-04 16:31 - 2014-12-04 16:31 - 00045568 _____ () C:\Users\Tim\Desktop\FRST.txt
2014-12-04 16:30 - 2014-12-04 16:30 - 00036404 _____ () C:\Users\Tim\Desktop\Addition.txt
2014-12-04 16:26 - 2014-12-06 14:21 - 00000000 ____D () C:\FRST
2014-12-04 16:25 - 2014-12-06 14:21 - 02118144 _____ (Farbar) C:\Users\Tim\Downloads\FRST64.exe
2014-12-04 15:41 - 2014-12-04 15:41 - 00001415 _____ () C:\Users\Tim\Desktop\AdwCleaner[R3].txt
2014-12-03 15:13 - 2014-12-03 15:13 - 00000000 _____ () C:\Users\Tim\AppData\Local\{7449D0F4-AD5C-4D8A-BA98-687BB5203CD2}
2014-12-02 17:53 - 2014-12-02 17:53 - 00001068 _____ () C:\Users\Tim\Desktop\BMW.lnk
2014-12-02 17:32 - 2014-12-02 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-02 17:32 - 2014-12-02 17:32 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-02 17:21 - 2014-12-06 14:16 - 00001464 _____ () C:\Windows\setupact.log
2014-12-02 17:21 - 2014-12-05 14:30 - 00004726 _____ () C:\Windows\PFRO.log
2014-12-02 17:21 - 2014-12-02 17:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-02 17:12 - 2014-12-02 17:12 - 00000085 _____ () C:\Windows\wininit.ini
2014-12-02 17:08 - 2014-12-02 17:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-02 17:08 - 2014-12-02 17:12 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-02 17:08 - 2014-12-02 17:08 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-12-02 17:04 - 2014-12-02 17:05 - 00376202 _____ () C:\Users\Tim\Desktop\cc_20141202_170449.reg
2014-12-02 16:45 - 2014-12-02 16:45 - 00000000 __HDC () C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}
2014-12-02 16:45 - 2014-12-02 16:45 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Stardock
2014-12-02 16:45 - 2014-12-02 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2014-12-02 16:07 - 2014-12-02 16:07 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-12-02 13:51 - 2014-12-02 13:51 - 00000000 ___DL () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-02 13:46 - 2014-12-02 15:02 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\SymMover
2014-12-02 13:46 - 2014-12-02 13:46 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SymMover
2014-12-02 13:44 - 2014-12-02 13:45 - 00000000 ____D () C:\Users\Tim\Symmover
2014-12-01 19:03 - 2014-12-01 19:03 - 00003132 _____ () C:\Windows\System32\Tasks\{2CB07BE7-18B5-42B0-9745-695514D19B69}
2014-11-30 17:01 - 2014-11-30 17:01 - 00004656 _____ () C:\Windows\SysWOW64\abengine.ini
2014-11-30 17:01 - 2014-11-30 17:01 - 00003086 _____ () C:\Windows\System32\Tasks\upfs7214
2014-11-30 17:01 - 2014-11-30 17:01 - 00002560 _____ () C:\Windows\SysWOW64\abengineOff.ini
2014-11-30 17:01 - 2014-11-30 17:01 - 00002560 _____ () C:\Windows\system32\abengineOff.ini
2014-11-30 17:01 - 2014-11-23 23:23 - 00370584 _____ (Abengine) C:\Windows\system32\abengine64.dll
2014-11-30 16:57 - 2014-11-30 20:23 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\itesing
2014-11-30 15:52 - 2014-12-01 19:00 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Anvsoft
2014-11-30 15:52 - 2014-11-30 15:52 - 00000000 ____D () C:\Users\Tim\Documents\Any Video Converter
2014-11-30 14:45 - 2014-11-30 20:23 - 00000000 ____D () C:\Users\Tim\AppData\Local\MAGIX_Software_GmbH
2014-11-29 15:04 - 2014-11-29 15:04 - 00000000 __SHD () C:\Users\Tim\AppData\Local\EmieBrowserModeList
2014-11-29 14:28 - 2014-11-30 15:56 - 00538128 _____ () C:\Users\Tim\Desktop\2014_09 HB-HH-HB.MVP
2014-11-22 22:43 - 2014-11-22 22:43 - 00000000 ____D () C:\Users\Tim\Desktop\Xperia Z
2014-11-22 21:08 - 2014-11-22 22:41 - 00000000 ____D () C:\Users\Tim\Desktop\Handy fotos
2014-11-21 15:32 - 2014-11-22 13:17 - 00000000 ____D () C:\Users\Tim\Desktop\Fotos Videos papa
2014-11-19 16:41 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 16:41 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 16:41 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 16:41 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-16 15:37 - 2014-11-16 15:37 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2014-11-16 15:37 - 2014-11-16 15:37 - 00000000 ____D () C:\Program Files (x86)\Spirent Communications
2014-11-13 17:32 - 2014-11-13 17:32 - 00000000 __SHD () C:\Users\Chiara\AppData\Local\EmieBrowserModeList
2014-11-13 17:07 - 2014-11-13 17:07 - 01942161 _____ () C:\Users\Chiara\Downloads\wave-interference_en.jar
2014-11-13 17:07 - 2014-11-13 17:07 - 00000000 ____D () C:\Users\Chiara\.phet
2014-11-12 15:44 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 15:44 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 15:44 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 15:44 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 15:44 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 15:44 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 15:44 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 15:44 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 15:44 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 15:44 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 15:44 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 15:44 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 15:44 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 15:44 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 15:44 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 15:44 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 15:44 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 15:44 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 15:44 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 15:44 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 15:44 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 15:44 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 15:44 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 15:44 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 15:44 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 15:44 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 15:44 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 15:44 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 15:44 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 15:44 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 15:44 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 15:44 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 15:44 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 15:44 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 15:44 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 15:44 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 15:44 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 15:44 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 15:44 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 15:44 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 15:44 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 15:44 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 15:44 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 15:44 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 15:44 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 15:44 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 15:44 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 15:44 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 15:44 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 15:44 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 15:44 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 15:44 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 15:44 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 15:44 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 15:44 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 15:44 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 15:44 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 15:44 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 15:44 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 15:44 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 15:44 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 15:44 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 15:44 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 15:44 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 15:44 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 15:44 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 15:44 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 15:44 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 15:43 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 15:43 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 15:43 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 15:43 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 15:43 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 15:43 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 15:43 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 15:43 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 15:43 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 15:43 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 15:43 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 15:43 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 15:43 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 15:43 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 15:43 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 15:43 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 15:43 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 15:43 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 15:43 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 15:43 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 15:43 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-07 20:05 - 2014-11-07 20:05 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 14:21 - 2013-10-18 12:54 - 01514819 _____ () C:\Windows\WindowsUpdate.log
2014-12-06 14:19 - 2014-10-24 13:38 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Spotify
2014-12-06 14:18 - 2014-10-18 17:03 - 00000000 ____D () C:\Users\Tim\AppData\Local\LogMeIn Hamachi
2014-12-06 14:18 - 2014-09-15 15:54 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-06 14:18 - 2013-11-17 13:10 - 00000000 ____D () C:\Users\Tim\AppData\Local\HTC MediaHub
2014-12-06 14:17 - 2014-05-10 16:15 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-06 14:16 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-05 21:37 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-05 21:37 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-05 21:33 - 2013-10-20 12:27 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-05 21:30 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-05 16:13 - 2014-05-10 16:15 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-05 14:31 - 2014-09-09 20:21 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-05 14:27 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-12-04 20:36 - 2014-09-15 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-04 15:40 - 2014-09-14 18:41 - 00000000 ____D () C:\AdwCleaner
2014-12-04 15:10 - 2014-10-24 13:38 - 00000000 ____D () C:\Users\Tim\AppData\Local\Spotify
2014-12-02 19:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-02 17:05 - 2013-10-18 13:57 - 00000000 ____D () C:\Windows\pss
2014-12-02 13:44 - 2013-10-18 12:55 - 00000000 ____D () C:\Users\Tim
2014-12-01 20:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-01 19:53 - 2010-11-21 08:16 - 00000000 ____D () C:\Windows\ShellNew
2014-12-01 18:56 - 2014-05-10 16:16 - 00000000 ____D () C:\Users\Chiara\AppData\Local\LogMeIn Hamachi
2014-12-01 18:56 - 2013-11-17 12:35 - 00000000 ____D () C:\Users\Chiara\AppData\Local\HTC MediaHub
2014-11-30 20:23 - 2014-10-19 12:07 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WorldofTanks
2014-11-30 20:23 - 2014-07-02 19:46 - 00000000 ____D () C:\Users\Tim\Desktop\Neuer Ordner
2014-11-30 20:23 - 2014-05-10 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-30 20:23 - 2014-03-15 10:29 - 00000000 ____D () C:\Users\Tim\Desktop\Papa musik
2014-11-30 20:23 - 2013-11-02 09:53 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\vlc
2014-11-30 20:23 - 2013-10-30 16:44 - 00000000 ____D () C:\Users\Chiara
2014-11-30 20:23 - 2013-10-27 16:26 - 00000000 ____D () C:\Users\Tim\Documents\BMW
2014-11-30 20:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-30 17:06 - 2014-01-13 16:35 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\TeamViewer
2014-11-30 17:02 - 2014-10-18 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-30 17:02 - 2014-10-08 12:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bus-Simulator 2012
2014-11-30 17:02 - 2014-08-26 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-11-30 17:02 - 2014-08-25 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-11-30 17:02 - 2014-07-14 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
2014-11-30 17:02 - 2014-06-25 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-30 17:02 - 2014-06-22 07:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-11-30 17:02 - 2014-04-03 11:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gabelstapler Simulator 2009
2014-11-30 17:02 - 2014-02-27 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-11-30 17:02 - 2014-01-28 19:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-11-30 17:02 - 2014-01-14 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
2014-11-30 17:02 - 2013-12-06 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-11-30 17:02 - 2013-10-20 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-30 17:02 - 2013-10-20 13:06 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-11-30 17:02 - 2013-10-20 12:53 - 00000000 ____D () C:\ProgramData\AVG2014
2014-11-30 17:02 - 2013-10-18 12:55 - 00000000 ___RD () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-30 17:02 - 2011-05-06 23:34 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-11-30 17:02 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-30 17:02 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-30 17:02 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-30 17:01 - 2013-10-21 15:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-11-30 14:44 - 2014-02-23 12:08 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\MAGIX
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-23 11:37 - 2011-03-15 22:23 - 00714496 _____ () C:\Windows\system32\perfh007.dat
2014-11-23 11:37 - 2011-03-15 22:23 - 00154218 _____ () C:\Windows\system32\perfc007.dat
2014-11-23 11:37 - 2009-07-14 06:13 - 01660444 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-22 17:21 - 2013-10-27 16:26 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-11-21 15:32 - 2013-10-18 13:38 - 00170632 _____ () C:\Users\Tim\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-21 06:14 - 2014-09-15 15:54 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-21 06:14 - 2014-09-15 15:54 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2014-09-15 15:54 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-17 15:08 - 2014-05-10 16:15 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-17 15:08 - 2014-05-10 16:15 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-16 16:29 - 2014-06-07 20:19 - 00000000 ____D () C:\Users\Chiara\Desktop\Server
2014-11-16 15:42 - 2013-11-17 12:23 - 00170632 _____ () C:\Users\Chiara\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-16 15:41 - 2009-07-14 05:45 - 00563992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-16 15:38 - 2013-11-17 12:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2014-11-16 15:38 - 2013-11-17 12:32 - 00000000 ____D () C:\Program Files (x86)\HTC
2014-11-16 15:37 - 2013-11-17 12:33 - 00000000 ____D () C:\Users\Tim\AppData\Local\Downloaded Installations
2014-11-16 15:36 - 2013-11-17 12:32 - 00000000 ____D () C:\Temp
2014-11-13 04:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 03:26 - 2014-05-06 15:08 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 03:11 - 2014-01-13 17:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-13 03:08 - 2013-10-25 15:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 03:02 - 2013-10-25 15:27 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-10 13:54 - 2014-09-10 15:55 - 00000000 ____D () C:\Users\Chiara\AppData\Local\AVG Web TuneUp
2014-11-09 13:28 - 2014-10-19 12:08 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Opera Software
2014-11-09 13:28 - 2014-10-19 12:08 - 00000000 ____D () C:\Users\Tim\AppData\Local\Opera Software
2014-11-09 13:28 - 2014-10-19 12:08 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-11-09 12:49 - 2014-09-09 20:15 - 00000000 ____D () C:\Users\Tim\AppData\Local\AVG Web TuneUp
2014-11-08 13:49 - 2014-11-01 20:39 - 00000000 ____D () C:\Users\Tim\Documents\Flight Simulator X-Dateien
2014-11-07 21:24 - 2013-12-27 21:02 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\.minecraft
2014-11-07 20:05 - 2014-09-09 20:15 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp

Some content of TEMP:
====================
C:\Users\Tim\AppData\Local\Temp\Cobra11_Highway_Nights_Demo.exe
C:\Users\Tim\AppData\Local\Temp\sdan.exe
C:\Users\Tim\AppData\Local\Temp\sdapk.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-29 18:24

==================== End Of Log ============================
         

--- --- ---

--- --- ---

Und die Addtition.txt:

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2014
Ran by Tim at 2014-12-06 14:22:37
Running from C:\Users\Tim\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 1.2.0 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.01.22 - ASUSTeK Computer Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.1.9.000 - Asmedia Technology)
ASUS Backup Wizard (HKLM-x32\...\{124C9BD0-8C52-40AB-8238-0605703B1C28}) (Version: 1.00.10 - ASUSTeK Computer Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4794 - AVG Technologies)
AVG 2014 (Version: 14.0.4235 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4794 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.0.0.19 - AVG Technologies)
Battlefield Play4Free (HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
BMW M3 Challenge (HKLM-x32\...\{C4CD208D-E3A2-488B-A4F4-FD8DE3DADD25}_is1) (Version: BMW M3 Challenge v1.0.0.0 - 10TACLE STUDIOS AG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bus-Simulator 2012 (HKLM-x32\...\Bus-Simulator 2012_is1) (Version:  - astragon)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
City Bus Simulator 2010 - Gold Edition (HKLM-x32\...\{9FB088BB-47DC-452C-BE8E-036E2243B4C8}) (Version: 1.00 - TML-Studios)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fences (HKLM-x32\...\Fences) (Version:  - Stardock Corporation)
Fences (Version: 1.0 - Stardock Corporation) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Flight Simulator X (HKLM-x32\...\RTMshadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Free MP4 Video Converter version 5.0.46.820 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.46.820 - DVDVideoSoft Ltd.)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP LaserJet Professional CM1410 Series (HKLM-x32\...\{0EF0EA0D-F945-4958-85CC-60FF1E86D216}) (Version:  - Hewlett-Packard)
HP LJ CM1410 MFP Series HP Scan (HKLM-x32\...\{21749F4E-02A1-4828-9A1E-BBDF5929C5D0}) (Version: 1.0.302.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPLaserJetHelp_LearnCenter (HKLM-x32\...\{22FE3793-5961-4ADE-AE66-69D9291C22B1}) (Version: 1.03.0000 - Hewlett-Packard)
HPLJUT (x32 Version: 1.00.0012 - HP) Hidden
hppCM1410LaserJetService (x32 Version: 001.008.00477 - Hewlett-Packard) Hidden
hppFaxDrvCM1410 (x32 Version: 003.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityCM1410 (x32 Version: 000.002.00001 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 002.015.00599 - Hewlett-Packard) Hidden
hppSendFaxCM1410 (x32 Version: 003.000.00001 - Hewlett-Packard) Hidden
hppTLBXFXCM1410 (x32 Version: 001.012.00948 - Hewlett-Packard) Hidden
hpzTLBXFX (x32 Version: 006.015.01163 - Hewlett-Packard) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.14.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.33.0 - HTC)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.279 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.279 - LogMeIn, Inc.) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{F6E484FB-BC48-4A63-8186-E25DF4607B3B}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Designelemente) (HKLM-x32\...\MX.{53BBE66D-C843-4E0A-A317-2F0B8FA29485}) (Version: 1.0.1.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Designelemente) (Version: 1.0.1.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Filmvorlagen) (HKLM-x32\...\MX.{BD329C68-4F9A-4ACD-A2D0-D6D59380E6E7}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Filmvorlagen) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (HKLM-x32\...\MX.{FBCA50BE-C022-45DA-9261-10230EC1012E}) (Version: 13.0.2.8 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Version: 13.0.2.8 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium Update (Version: 13.0.5.4 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Marketsplash Shortcuts (HKLM-x32\...\{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}) (Version: 1.0.0.9 - Hewlett-Packard)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Flight Simulator X Demo (HKLM-x32\...\InstallShield_{B98A34C0-A6A2-4087-B272-557C1C6D0A07}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Thunderbird 31.1.2 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.1.2 (x86 de)) (Version: 31.1.2 - Mozilla)
Mozilla Thunderbird 31.2.0 (x86 de) (HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Mozilla Thunderbird 31.2.0 (x86 de)) (Version: 31.2.0 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA Grafiktreiber 268.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.29 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.9.1 - pdfforge)
PhotoDose 5.1 (HKLM-x32\...\Photo Dose_is1) (Version:  - )
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{7236672F-6430-439E-9B27-27EDEAF1D676}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SL-6640-SBK BLACK WIDOW Flightstick (HKLM-x32\...\SL-6640-SBK BLACK WIDOW Flightstick) (Version:  - )
Spotify (HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SymMover (HKLM-x32\...\SymMover) (Version:  - )
TI Connect™ (HKLM-x32\...\{D06BA64C-4447-49B4-B99D-E85BEA9E1035}) (Version: 4.0.0.218 - Texas Instruments Inc.)
Virtual CD v10 (HKLM-x32\...\{10C51313-A308-4B40-90E3-B368D5882660}) (Version: 10.00.0 - H+H Software GmbH)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WorldofTanks (HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\WorldofTanks) (Version:  - WorldofTanks)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3274256860-3384179074-2863741347-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> D:\Programme\Blender\BlendThumb64.dll ()

==================== Restore Points  =========================

29-11-2014 17:30:59 Geplanter Prüfpunkt
30-11-2014 16:04:23 Removed HTC Driver Installer.
30-11-2014 19:18:51 Wiederherstellungsvorgang
01-12-2014 18:50:51 Revo Uninstaller's restore point - WorldofTanks
02-12-2014 16:15:06 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03324725-91F2-4B5C-A034-E26110AD72B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-10] (Google Inc.)
Task: {1730127B-3E29-42CB-AD15-B14A2EB8B95B} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {228DB8E0-BDB0-416C-8661-F1C426CE6A1D} - System32\Tasks\upfs7214 => C:\PROGRA~2\Flowsurf\upfs7214.exe
Task: {2290C1E2-D480-4D07-ACBA-D30E54D25E71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-10] (Google Inc.)
Task: {46E19EE6-1150-4B65-B080-3F036BB2871A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {70025206-866D-480E-9860-AFE98A976CA2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {7CC1D3D8-5232-47EE-95C7-469EB2280DBF} - System32\Tasks\Google Updater and Installer => C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {8A02BA2F-0469-4455-A941-35993C066343} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-27] (ASUSTeK Computer Inc.)
Task: {9997E983-4740-486F-B30F-C421F9BE7C9F} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22] (Hewlett Packard)
Task: {A0495D01-3C2C-4F92-88DD-4BF1E014A182} - System32\Tasks\ASUS\AsBackupWizard_Run => C:\Program Files (x86)\ASUS\\AsBackupWizard\\AsRunBkWizardHelper.exe [2010-04-24] (ASUSTeK Computer Inc.)
Task: {AA38C0B9-AA52-4279-B5E3-47FE3B27E3E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {D510C4F0-0979-42C5-9014-D59588772E17} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3274256860-3384179074-2863741347-1000
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-05-06 23:25 - 2010-11-03 10:30 - 00918144 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
2011-05-06 23:25 - 2010-12-02 03:15 - 00915584 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
2011-05-06 23:25 - 2010-10-21 10:52 - 00586880 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2014-10-24 13:38 - 2014-10-24 13:38 - 00613944 _____ () C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-05-06 23:25 - 2014-12-06 14:16 - 00019456 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\PEbiosinterface32.dll
2011-05-06 23:25 - 2010-06-29 03:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\ATKEX.dll
2014-11-03 11:04 - 2014-11-03 11:04 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-11-03 11:06 - 2014-11-03 11:06 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-11-03 11:07 - 2014-11-03 11:07 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2014-10-24 13:38 - 2014-10-24 13:38 - 36966968 _____ () C:\Users\Tim\AppData\Roaming\Spotify\Data\libcef.dll
2014-10-27 22:05 - 2014-10-27 22:05 - 00117248 _____ () C:\Users\Tim\AppData\Roaming\itesing\marfacat.dll
2011-05-06 23:25 - 2011-01-12 19:53 - 00143360 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2011-05-06 23:25 - 2010-06-22 00:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2011-05-06 23:25 - 2009-08-13 05:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2011-05-06 23:25 - 2011-02-17 20:10 - 01035776 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2011-05-06 23:25 - 2011-01-20 21:09 - 00964096 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2011-05-06 23:26 - 2011-03-12 04:53 - 01257472 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2011-05-06 23:26 - 2011-01-06 19:38 - 01027072 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2011-05-06 23:25 - 2011-01-14 01:47 - 00881152 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2011-05-06 23:25 - 2010-09-28 05:51 - 01607168 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2011-05-06 23:25 - 2011-01-08 01:39 - 01246208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2011-05-06 23:25 - 2010-08-07 03:11 - 00850944 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2011-05-06 23:25 - 2010-08-07 03:13 - 00886272 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2011-05-06 23:25 - 2010-08-23 03:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMLib.dll
2014-12-02 16:37 - 2014-11-25 07:39 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-12-02 16:37 - 2014-11-25 07:39 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-12-02 16:37 - 2014-11-25 07:39 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-12-02 16:37 - 2014-11-25 07:39 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
2011-05-06 23:25 - 2010-06-22 00:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll
2014-10-24 13:38 - 2014-10-24 13:38 - 00867896 _____ () C:\Users\Tim\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-10-24 13:38 - 2014-10-24 13:38 - 00886840 _____ () C:\Users\Tim\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-10-24 13:38 - 2014-10-24 13:38 - 00108600 _____ () C:\Users\Tim\AppData\Roaming\Spotify\Data\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:F1A5FE8B

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\Windows\pss\Audible Download Manager.lnk.CommonStartup
MSCONFIG\startupreg: BlackBerryLink.exe => "C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe" /minimize
MSCONFIG\startupreg: FreePDF Assistant => "C:\Program Files (x86)\FreePDF_XP\fpassist.exe"
MSCONFIG\startupreg: HP LaserJet Professional CM1410 Series Fax => C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe "HP LaserJet Professional CM1410 Series Fax"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PDFPrint => D:\Programme\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: ToolboxFX => "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
MSCONFIG\startupreg: VC10Player => C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe
MSCONFIG\startupreg: YTDownloader => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot

========================= Accounts: ==========================

Administrator (S-1-5-21-3274256860-3384179074-2863741347-500 - Administrator - Disabled)
Chiara (S-1-5-21-3274256860-3384179074-2863741347-1003 - Limited - Enabled) => C:\Users\Chiara
Gast (S-1-5-21-3274256860-3384179074-2863741347-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3274256860-3384179074-2863741347-1002 - Limited - Enabled)
Tim (S-1-5-21-3274256860-3384179074-2863741347-1000 - Administrator - Enabled) => C:\Users\Tim

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/06/2014 02:18:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 09:30:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 03:59:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 02:32:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2014 03:52:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2014 03:09:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8221

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8221

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/02/2014 08:28:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7223


System errors:
=============
Error: (12/06/2014 02:20:19 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070420

Error: (12/06/2014 02:18:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater18.1.10" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/05/2014 09:32:32 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Multimediaklassenplaner" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (12/05/2014 09:32:32 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Benutzerprofildienst" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (12/05/2014 09:32:32 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (12/05/2014 09:31:31 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Server" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (12/05/2014 09:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/05/2014 09:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Designs" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/05/2014 09:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Shellhardwareerkennung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/05/2014 09:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benachrichtigungsdienst für Systemereignisse" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (12/06/2014 02:18:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 09:30:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 03:59:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 02:32:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2014 03:52:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2014 03:09:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8221

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8221

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/02/2014 08:28:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7223


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 40%
Total physical RAM: 8104.29 MB
Available physical RAM: 4851.17 MB
Total Pagefile: 16206.77 MB
Available Pagefile: 12791.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (WIN7) (Fixed) (Total:745.21 GB) (Free:552.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:1103.63 GB) (Free:756.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: CB5BD2B2)
Partition 1: (Not Active) - (Size=14.2 GB) - (Type=1B)
Partition 2: (Active) - (Size=745.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1103.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Hier noch den FRST log:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-12-2014
Ran by Tim (administrator) on SPIELE-PC-DIETZ on 06-12-2014 14:21:29
Running from C:\Users\Tim\Downloads
Loaded Profile: Tim (Available profiles: Tim & Chiara)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamscheduler.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(Malwarebytes Corporation) D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbam.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgemca.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Spotify Ltd) C:\Users\Tim\AppData\Roaming\Spotify\spotify.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(AVG Technologies CZ, s.r.o.) D:\Programme\AVG Anti-Virus\AVG 2014\avgui.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
() C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVG_UI] => D:\Programme\AVG Anti-Virus\AVG 2014\avgui.exe [5188112 2014-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-12-01] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Run: [Spotify] => C:\Users\Tim\AppData\Roaming\Spotify\spotify.exe [6553144 2014-10-24] (Spotify Ltd)
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Run: [Spotify Web Helper] => C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-24] (Spotify Ltd)
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\MountPoints2: {3ad8cc06-2842-11e4-b6df-5404a667c7bf} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\start.exe
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\MountPoints2: {7aeabb5e-d847-11e3-8a0a-5404a667c7bf} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\MountPoints2: {8022c7e1-0128-11e4-a871-5404a667c7bf} - F:\Startme.exe
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\MountPoints2: {c447e447-7c6d-11e3-b9be-5404a667c7bf} - G:\SETUP.EXE
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xEA318F53FECBCE01
HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-3274256860-3384179074-2863741347-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> D:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-28]
FF HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Firefox\Extensions: [{38193564-FF03-06D0-0062-53FFFF2F9C05}] - C:\Program Files (x86)\ver1SpeedCheck\178.xpi

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=1417363290&from=amt&uid=WDCXWD20EARX-22PASB0_WD-WCAZA953752537525
CHR StartupUrls: Default -> "https://www.google.de/"
CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-02]
CHR Extension: (WOT) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-12-02]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2014-10-24]
CHR Extension: (Adblock Plus) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-18]
CHR Extension: (Google Wallet) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 AVGIDSAgent; D:\Programme\AVG Anti-Virus\AVG 2014\avgidsagent.exe [3247120 2014-11-07] (AVG Technologies CZ, s.r.o.)
R2 avgwd; D:\Programme\AVG Anti-Virus\AVG 2014\avgwdsvc.exe [289328 2014-11-07] (AVG Technologies CZ, s.r.o.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-25] (HP) [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-11-14] (LogMeIn, Inc.)
R2 MBAMScheduler; D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; D:\Programme\Symmover Malwarebytes Anti Malware\SymMover\C\Program Files (x86)\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S2 SkypeUpdate; D:\Programme\Skype\Updater\Updater.exe [171680 2013-09-05] (Skype Technologies)
R2 VC10SecS; C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe [147464 2013-01-08] (H+H Software GmbH)
S2 vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [X]
R3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-08-09] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-09] (SafeNet Inc.)
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [36448 2011-01-30] (Asmedia Technology)
R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2008-01-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-09] (AVG Technologies)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-09] (SafeNet Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-06-23] (Research in Motion Limited)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R1 vdrv1000; C:\Windows\System32\Drivers\VDRV1000.SYS [226080 2012-12-06] (H+H Software GmbH)
S3 HH10Help.sys; \??\C:\Windows\system32\drivers\HH10Help.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 14:21 - 2014-12-06 14:22 - 00019652 _____ () C:\Users\Tim\Downloads\FRST.txt
2014-12-06 14:21 - 2014-12-06 14:21 - 00000000 ____D () C:\Users\Tim\Downloads\FRST-OlderVersion
2014-12-05 16:04 - 2014-12-05 16:09 - 00000000 ____D () C:\Users\Tim\AppData\Local\www.rene-zeidler.de
2014-12-05 16:04 - 2014-12-05 16:04 - 00437645 _____ () C:\Users\Tim\Downloads\SnippingToolPlusv3-4-1-0.zip
2014-12-05 16:04 - 2014-12-05 16:04 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\www.rene-zeidler.de
2014-12-05 16:04 - 2014-12-05 16:04 - 00000000 ____D () C:\ProgramData\www.rene-zeidler.de
2014-12-05 16:03 - 2014-12-05 16:03 - 01174352 _____ () C:\Users\Tim\Downloads\Snipping Tool Plus - CHIP-Installer.exe
2014-12-05 16:01 - 2014-12-05 16:01 - 01707646 _____ (Thisisu) C:\Users\Tim\Downloads\JRT64.exe
2014-12-05 15:54 - 2014-12-05 15:54 - 00000000 ____D () C:\Users\Tim\Downloads\Neuer Ordner
2014-12-04 20:55 - 2014-12-04 20:55 - 00001406 _____ () C:\Users\Tim\Desktop\mbam.txt
2014-12-04 20:33 - 2014-12-04 20:33 - 01707646 _____ (Thisisu) C:\Users\Tim\Desktop\JRT64.exe
2014-12-04 16:31 - 2014-12-04 16:31 - 00045568 _____ () C:\Users\Tim\Desktop\FRST.txt
2014-12-04 16:30 - 2014-12-04 16:30 - 00036404 _____ () C:\Users\Tim\Desktop\Addition.txt
2014-12-04 16:26 - 2014-12-06 14:21 - 00000000 ____D () C:\FRST
2014-12-04 16:25 - 2014-12-06 14:21 - 02118144 _____ (Farbar) C:\Users\Tim\Downloads\FRST64.exe
2014-12-04 15:41 - 2014-12-04 15:41 - 00001415 _____ () C:\Users\Tim\Desktop\AdwCleaner[R3].txt
2014-12-03 15:13 - 2014-12-03 15:13 - 00000000 _____ () C:\Users\Tim\AppData\Local\{7449D0F4-AD5C-4D8A-BA98-687BB5203CD2}
2014-12-02 17:53 - 2014-12-02 17:53 - 00001068 _____ () C:\Users\Tim\Desktop\BMW.lnk
2014-12-02 17:32 - 2014-12-02 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-02 17:32 - 2014-12-02 17:32 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-02 17:21 - 2014-12-06 14:16 - 00001464 _____ () C:\Windows\setupact.log
2014-12-02 17:21 - 2014-12-05 14:30 - 00004726 _____ () C:\Windows\PFRO.log
2014-12-02 17:21 - 2014-12-02 17:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-02 17:12 - 2014-12-02 17:12 - 00000085 _____ () C:\Windows\wininit.ini
2014-12-02 17:08 - 2014-12-02 17:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-02 17:08 - 2014-12-02 17:12 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-02 17:08 - 2014-12-02 17:08 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-12-02 17:04 - 2014-12-02 17:05 - 00376202 _____ () C:\Users\Tim\Desktop\cc_20141202_170449.reg
2014-12-02 16:45 - 2014-12-02 16:45 - 00000000 __HDC () C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}
2014-12-02 16:45 - 2014-12-02 16:45 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Stardock
2014-12-02 16:45 - 2014-12-02 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2014-12-02 16:07 - 2014-12-02 16:07 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-12-02 13:51 - 2014-12-02 13:51 - 00000000 ___DL () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-02 13:46 - 2014-12-02 15:02 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\SymMover
2014-12-02 13:46 - 2014-12-02 13:46 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SymMover
2014-12-02 13:44 - 2014-12-02 13:45 - 00000000 ____D () C:\Users\Tim\Symmover
2014-12-01 19:03 - 2014-12-01 19:03 - 00003132 _____ () C:\Windows\System32\Tasks\{2CB07BE7-18B5-42B0-9745-695514D19B69}
2014-11-30 17:01 - 2014-11-30 17:01 - 00004656 _____ () C:\Windows\SysWOW64\abengine.ini
2014-11-30 17:01 - 2014-11-30 17:01 - 00003086 _____ () C:\Windows\System32\Tasks\upfs7214
2014-11-30 17:01 - 2014-11-30 17:01 - 00002560 _____ () C:\Windows\SysWOW64\abengineOff.ini
2014-11-30 17:01 - 2014-11-30 17:01 - 00002560 _____ () C:\Windows\system32\abengineOff.ini
2014-11-30 17:01 - 2014-11-23 23:23 - 00370584 _____ (Abengine) C:\Windows\system32\abengine64.dll
2014-11-30 16:57 - 2014-11-30 20:23 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\itesing
2014-11-30 15:52 - 2014-12-01 19:00 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Anvsoft
2014-11-30 15:52 - 2014-11-30 15:52 - 00000000 ____D () C:\Users\Tim\Documents\Any Video Converter
2014-11-30 14:45 - 2014-11-30 20:23 - 00000000 ____D () C:\Users\Tim\AppData\Local\MAGIX_Software_GmbH
2014-11-29 15:04 - 2014-11-29 15:04 - 00000000 __SHD () C:\Users\Tim\AppData\Local\EmieBrowserModeList
2014-11-29 14:28 - 2014-11-30 15:56 - 00538128 _____ () C:\Users\Tim\Desktop\2014_09 HB-HH-HB.MVP
2014-11-22 22:43 - 2014-11-22 22:43 - 00000000 ____D () C:\Users\Tim\Desktop\Xperia Z
2014-11-22 21:08 - 2014-11-22 22:41 - 00000000 ____D () C:\Users\Tim\Desktop\Handy fotos
2014-11-21 15:32 - 2014-11-22 13:17 - 00000000 ____D () C:\Users\Tim\Desktop\Fotos Videos papa
2014-11-19 16:41 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 16:41 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 16:41 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 16:41 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-16 15:37 - 2014-11-16 15:37 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2014-11-16 15:37 - 2014-11-16 15:37 - 00000000 ____D () C:\Program Files (x86)\Spirent Communications
2014-11-13 17:32 - 2014-11-13 17:32 - 00000000 __SHD () C:\Users\Chiara\AppData\Local\EmieBrowserModeList
2014-11-13 17:07 - 2014-11-13 17:07 - 01942161 _____ () C:\Users\Chiara\Downloads\wave-interference_en.jar
2014-11-13 17:07 - 2014-11-13 17:07 - 00000000 ____D () C:\Users\Chiara\.phet
2014-11-12 15:44 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 15:44 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 15:44 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 15:44 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 15:44 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 15:44 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 15:44 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 15:44 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 15:44 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 15:44 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 15:44 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 15:44 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 15:44 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 15:44 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 15:44 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 15:44 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 15:44 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 15:44 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 15:44 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 15:44 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 15:44 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 15:44 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 15:44 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 15:44 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 15:44 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 15:44 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 15:44 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 15:44 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 15:44 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 15:44 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 15:44 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 15:44 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 15:44 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 15:44 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 15:44 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 15:44 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 15:44 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 15:44 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 15:44 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 15:44 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 15:44 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 15:44 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 15:44 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 15:44 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 15:44 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 15:44 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 15:44 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 15:44 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 15:44 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 15:44 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 15:44 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 15:44 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 15:44 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 15:44 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 15:44 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 15:44 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 15:44 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 15:44 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 15:44 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 15:44 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 15:44 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 15:44 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 15:44 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 15:44 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 15:44 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 15:44 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 15:44 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 15:44 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 15:43 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 15:43 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 15:43 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 15:43 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 15:43 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 15:43 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 15:43 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 15:43 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 15:43 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 15:43 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 15:43 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 15:43 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 15:43 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 15:43 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 15:43 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 15:43 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 15:43 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 15:43 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 15:43 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 15:43 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 15:43 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 15:43 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 15:43 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-07 20:05 - 2014-11-07 20:05 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 14:21 - 2013-10-18 12:54 - 01514819 _____ () C:\Windows\WindowsUpdate.log
2014-12-06 14:19 - 2014-10-24 13:38 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Spotify
2014-12-06 14:18 - 2014-10-18 17:03 - 00000000 ____D () C:\Users\Tim\AppData\Local\LogMeIn Hamachi
2014-12-06 14:18 - 2014-09-15 15:54 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-06 14:18 - 2013-11-17 13:10 - 00000000 ____D () C:\Users\Tim\AppData\Local\HTC MediaHub
2014-12-06 14:17 - 2014-05-10 16:15 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-06 14:16 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-05 21:37 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-05 21:37 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-05 21:33 - 2013-10-20 12:27 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-05 21:30 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-05 16:13 - 2014-05-10 16:15 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-05 14:31 - 2014-09-09 20:21 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-05 14:27 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-12-04 20:36 - 2014-09-15 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-04 15:40 - 2014-09-14 18:41 - 00000000 ____D () C:\AdwCleaner
2014-12-04 15:10 - 2014-10-24 13:38 - 00000000 ____D () C:\Users\Tim\AppData\Local\Spotify
2014-12-02 19:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-02 17:05 - 2013-10-18 13:57 - 00000000 ____D () C:\Windows\pss
2014-12-02 13:44 - 2013-10-18 12:55 - 00000000 ____D () C:\Users\Tim
2014-12-01 20:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-01 19:53 - 2010-11-21 08:16 - 00000000 ____D () C:\Windows\ShellNew
2014-12-01 18:56 - 2014-05-10 16:16 - 00000000 ____D () C:\Users\Chiara\AppData\Local\LogMeIn Hamachi
2014-12-01 18:56 - 2013-11-17 12:35 - 00000000 ____D () C:\Users\Chiara\AppData\Local\HTC MediaHub
2014-11-30 20:23 - 2014-10-19 12:07 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WorldofTanks
2014-11-30 20:23 - 2014-07-02 19:46 - 00000000 ____D () C:\Users\Tim\Desktop\Neuer Ordner
2014-11-30 20:23 - 2014-05-10 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-30 20:23 - 2014-03-15 10:29 - 00000000 ____D () C:\Users\Tim\Desktop\Papa musik
2014-11-30 20:23 - 2013-11-02 09:53 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\vlc
2014-11-30 20:23 - 2013-10-30 16:44 - 00000000 ____D () C:\Users\Chiara
2014-11-30 20:23 - 2013-10-27 16:26 - 00000000 ____D () C:\Users\Tim\Documents\BMW
2014-11-30 20:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-30 17:06 - 2014-01-13 16:35 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\TeamViewer
2014-11-30 17:02 - 2014-10-18 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-30 17:02 - 2014-10-08 12:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bus-Simulator 2012
2014-11-30 17:02 - 2014-08-26 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-11-30 17:02 - 2014-08-25 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-11-30 17:02 - 2014-07-14 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
2014-11-30 17:02 - 2014-06-25 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-30 17:02 - 2014-06-22 07:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-11-30 17:02 - 2014-04-03 11:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gabelstapler Simulator 2009
2014-11-30 17:02 - 2014-02-27 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-11-30 17:02 - 2014-01-28 19:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-11-30 17:02 - 2014-01-14 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
2014-11-30 17:02 - 2013-12-06 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-11-30 17:02 - 2013-10-20 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-30 17:02 - 2013-10-20 13:06 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-11-30 17:02 - 2013-10-20 12:53 - 00000000 ____D () C:\ProgramData\AVG2014
2014-11-30 17:02 - 2013-10-18 12:55 - 00000000 ___RD () C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-30 17:02 - 2011-05-06 23:34 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-11-30 17:02 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-30 17:02 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-30 17:02 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-30 17:01 - 2013-10-21 15:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-11-30 14:44 - 2014-02-23 12:08 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\MAGIX
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-23 11:37 - 2011-03-15 22:23 - 00714496 _____ () C:\Windows\system32\perfh007.dat
2014-11-23 11:37 - 2011-03-15 22:23 - 00154218 _____ () C:\Windows\system32\perfc007.dat
2014-11-23 11:37 - 2009-07-14 06:13 - 01660444 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-22 17:21 - 2013-10-27 16:26 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-11-21 15:32 - 2013-10-18 13:38 - 00170632 _____ () C:\Users\Tim\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-21 06:14 - 2014-09-15 15:54 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-21 06:14 - 2014-09-15 15:54 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2014-09-15 15:54 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-17 15:08 - 2014-05-10 16:15 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-17 15:08 - 2014-05-10 16:15 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-16 16:29 - 2014-06-07 20:19 - 00000000 ____D () C:\Users\Chiara\Desktop\Server
2014-11-16 15:42 - 2013-11-17 12:23 - 00170632 _____ () C:\Users\Chiara\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-16 15:41 - 2009-07-14 05:45 - 00563992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-16 15:38 - 2013-11-17 12:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2014-11-16 15:38 - 2013-11-17 12:32 - 00000000 ____D () C:\Program Files (x86)\HTC
2014-11-16 15:37 - 2013-11-17 12:33 - 00000000 ____D () C:\Users\Tim\AppData\Local\Downloaded Installations
2014-11-16 15:36 - 2013-11-17 12:32 - 00000000 ____D () C:\Temp
2014-11-13 04:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 03:26 - 2014-05-06 15:08 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 03:11 - 2014-01-13 17:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-13 03:08 - 2013-10-25 15:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 03:02 - 2013-10-25 15:27 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-10 13:54 - 2014-09-10 15:55 - 00000000 ____D () C:\Users\Chiara\AppData\Local\AVG Web TuneUp
2014-11-09 13:28 - 2014-10-19 12:08 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Opera Software
2014-11-09 13:28 - 2014-10-19 12:08 - 00000000 ____D () C:\Users\Tim\AppData\Local\Opera Software
2014-11-09 13:28 - 2014-10-19 12:08 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-11-09 12:49 - 2014-09-09 20:15 - 00000000 ____D () C:\Users\Tim\AppData\Local\AVG Web TuneUp
2014-11-08 13:49 - 2014-11-01 20:39 - 00000000 ____D () C:\Users\Tim\Documents\Flight Simulator X-Dateien
2014-11-07 21:24 - 2013-12-27 21:02 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\.minecraft
2014-11-07 20:05 - 2014-09-09 20:15 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp

Some content of TEMP:
====================
C:\Users\Tim\AppData\Local\Temp\Cobra11_Highway_Nights_Demo.exe
C:\Users\Tim\AppData\Local\Temp\sdan.exe
C:\Users\Tim\AppData\Local\Temp\sdapk.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-29 18:24

==================== End Of Log ============================
         

--- --- ---

Und die Addtition.txt:

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2014
Ran by Tim at 2014-12-06 14:22:37
Running from C:\Users\Tim\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 1.2.0 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.01.22 - ASUSTeK Computer Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.1.9.000 - Asmedia Technology)
ASUS Backup Wizard (HKLM-x32\...\{124C9BD0-8C52-40AB-8238-0605703B1C28}) (Version: 1.00.10 - ASUSTeK Computer Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4794 - AVG Technologies)
AVG 2014 (Version: 14.0.4235 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4794 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.0.0.19 - AVG Technologies)
Battlefield Play4Free (HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
BMW M3 Challenge (HKLM-x32\...\{C4CD208D-E3A2-488B-A4F4-FD8DE3DADD25}_is1) (Version: BMW M3 Challenge v1.0.0.0 - 10TACLE STUDIOS AG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bus-Simulator 2012 (HKLM-x32\...\Bus-Simulator 2012_is1) (Version:  - astragon)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
City Bus Simulator 2010 - Gold Edition (HKLM-x32\...\{9FB088BB-47DC-452C-BE8E-036E2243B4C8}) (Version: 1.00 - TML-Studios)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fences (HKLM-x32\...\Fences) (Version:  - Stardock Corporation)
Fences (Version: 1.0 - Stardock Corporation) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Flight Simulator X (HKLM-x32\...\RTMshadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Free MP4 Video Converter version 5.0.46.820 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.46.820 - DVDVideoSoft Ltd.)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP LaserJet Professional CM1410 Series (HKLM-x32\...\{0EF0EA0D-F945-4958-85CC-60FF1E86D216}) (Version:  - Hewlett-Packard)
HP LJ CM1410 MFP Series HP Scan (HKLM-x32\...\{21749F4E-02A1-4828-9A1E-BBDF5929C5D0}) (Version: 1.0.302.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPLaserJetHelp_LearnCenter (HKLM-x32\...\{22FE3793-5961-4ADE-AE66-69D9291C22B1}) (Version: 1.03.0000 - Hewlett-Packard)
HPLJUT (x32 Version: 1.00.0012 - HP) Hidden
hppCM1410LaserJetService (x32 Version: 001.008.00477 - Hewlett-Packard) Hidden
hppFaxDrvCM1410 (x32 Version: 003.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityCM1410 (x32 Version: 000.002.00001 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 002.015.00599 - Hewlett-Packard) Hidden
hppSendFaxCM1410 (x32 Version: 003.000.00001 - Hewlett-Packard) Hidden
hppTLBXFXCM1410 (x32 Version: 001.012.00948 - Hewlett-Packard) Hidden
hpzTLBXFX (x32 Version: 006.015.01163 - Hewlett-Packard) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.14.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.33.0 - HTC)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.279 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.279 - LogMeIn, Inc.) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{F6E484FB-BC48-4A63-8186-E25DF4607B3B}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Designelemente) (HKLM-x32\...\MX.{53BBE66D-C843-4E0A-A317-2F0B8FA29485}) (Version: 1.0.1.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Designelemente) (Version: 1.0.1.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Filmvorlagen) (HKLM-x32\...\MX.{BD329C68-4F9A-4ACD-A2D0-D6D59380E6E7}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Filmvorlagen) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (HKLM-x32\...\MX.{FBCA50BE-C022-45DA-9261-10230EC1012E}) (Version: 13.0.2.8 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Version: 13.0.2.8 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium Update (Version: 13.0.5.4 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Marketsplash Shortcuts (HKLM-x32\...\{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}) (Version: 1.0.0.9 - Hewlett-Packard)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Flight Simulator X Demo (HKLM-x32\...\InstallShield_{B98A34C0-A6A2-4087-B272-557C1C6D0A07}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Thunderbird 31.1.2 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.1.2 (x86 de)) (Version: 31.1.2 - Mozilla)
Mozilla Thunderbird 31.2.0 (x86 de) (HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Mozilla Thunderbird 31.2.0 (x86 de)) (Version: 31.2.0 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA Grafiktreiber 268.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.29 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.9.1 - pdfforge)
PhotoDose 5.1 (HKLM-x32\...\Photo Dose_is1) (Version:  - )
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{7236672F-6430-439E-9B27-27EDEAF1D676}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SL-6640-SBK BLACK WIDOW Flightstick (HKLM-x32\...\SL-6640-SBK BLACK WIDOW Flightstick) (Version:  - )
Spotify (HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SymMover (HKLM-x32\...\SymMover) (Version:  - )
TI Connect™ (HKLM-x32\...\{D06BA64C-4447-49B4-B99D-E85BEA9E1035}) (Version: 4.0.0.218 - Texas Instruments Inc.)
Virtual CD v10 (HKLM-x32\...\{10C51313-A308-4B40-90E3-B368D5882660}) (Version: 10.00.0 - H+H Software GmbH)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WorldofTanks (HKU\S-1-5-21-3274256860-3384179074-2863741347-1000\...\WorldofTanks) (Version:  - WorldofTanks)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3274256860-3384179074-2863741347-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> D:\Programme\Blender\BlendThumb64.dll ()

==================== Restore Points  =========================

29-11-2014 17:30:59 Geplanter Prüfpunkt
30-11-2014 16:04:23 Removed HTC Driver Installer.
30-11-2014 19:18:51 Wiederherstellungsvorgang
01-12-2014 18:50:51 Revo Uninstaller's restore point - WorldofTanks
02-12-2014 16:15:06 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03324725-91F2-4B5C-A034-E26110AD72B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-10] (Google Inc.)
Task: {1730127B-3E29-42CB-AD15-B14A2EB8B95B} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {228DB8E0-BDB0-416C-8661-F1C426CE6A1D} - System32\Tasks\upfs7214 => C:\PROGRA~2\Flowsurf\upfs7214.exe
Task: {2290C1E2-D480-4D07-ACBA-D30E54D25E71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-10] (Google Inc.)
Task: {46E19EE6-1150-4B65-B080-3F036BB2871A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {70025206-866D-480E-9860-AFE98A976CA2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {7CC1D3D8-5232-47EE-95C7-469EB2280DBF} - System32\Tasks\Google Updater and Installer => C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {8A02BA2F-0469-4455-A941-35993C066343} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-27] (ASUSTeK Computer Inc.)
Task: {9997E983-4740-486F-B30F-C421F9BE7C9F} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22] (Hewlett Packard)
Task: {A0495D01-3C2C-4F92-88DD-4BF1E014A182} - System32\Tasks\ASUS\AsBackupWizard_Run => C:\Program Files (x86)\ASUS\\AsBackupWizard\\AsRunBkWizardHelper.exe [2010-04-24] (ASUSTeK Computer Inc.)
Task: {AA38C0B9-AA52-4279-B5E3-47FE3B27E3E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {D510C4F0-0979-42C5-9014-D59588772E17} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3274256860-3384179074-2863741347-1000
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-05-06 23:25 - 2010-11-03 10:30 - 00918144 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
2011-05-06 23:25 - 2010-12-02 03:15 - 00915584 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
2011-05-06 23:25 - 2010-10-21 10:52 - 00586880 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2014-10-24 13:38 - 2014-10-24 13:38 - 00613944 _____ () C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-05-06 23:25 - 2014-12-06 14:16 - 00019456 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\PEbiosinterface32.dll
2011-05-06 23:25 - 2010-06-29 03:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\ATKEX.dll
2014-11-03 11:04 - 2014-11-03 11:04 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-11-03 11:05 - 2014-11-03 11:05 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-11-03 11:06 - 2014-11-03 11:06 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-11-03 11:07 - 2014-11-03 11:07 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2014-10-24 13:38 - 2014-10-24 13:38 - 36966968 _____ () C:\Users\Tim\AppData\Roaming\Spotify\Data\libcef.dll
2014-10-27 22:05 - 2014-10-27 22:05 - 00117248 _____ () C:\Users\Tim\AppData\Roaming\itesing\marfacat.dll
2011-05-06 23:25 - 2011-01-12 19:53 - 00143360 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2011-05-06 23:25 - 2010-06-22 00:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2011-05-06 23:25 - 2009-08-13 05:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2011-05-06 23:25 - 2011-02-17 20:10 - 01035776 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2011-05-06 23:25 - 2011-01-20 21:09 - 00964096 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2011-05-06 23:26 - 2011-03-12 04:53 - 01257472 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2011-05-06 23:26 - 2011-01-06 19:38 - 01027072 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2011-05-06 23:25 - 2011-01-14 01:47 - 00881152 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2011-05-06 23:25 - 2010-09-28 05:51 - 01607168 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2011-05-06 23:25 - 2011-01-08 01:39 - 01246208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2011-05-06 23:25 - 2010-08-07 03:11 - 00850944 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2011-05-06 23:25 - 2010-08-07 03:13 - 00886272 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2011-05-06 23:25 - 2010-08-23 03:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMLib.dll
2014-12-02 16:37 - 2014-11-25 07:39 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-12-02 16:37 - 2014-11-25 07:39 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-12-02 16:37 - 2014-11-25 07:39 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-12-02 16:37 - 2014-11-25 07:39 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
2011-05-06 23:25 - 2010-06-22 00:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll
2014-10-24 13:38 - 2014-10-24 13:38 - 00867896 _____ () C:\Users\Tim\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-10-24 13:38 - 2014-10-24 13:38 - 00886840 _____ () C:\Users\Tim\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-10-24 13:38 - 2014-10-24 13:38 - 00108600 _____ () C:\Users\Tim\AppData\Roaming\Spotify\Data\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:F1A5FE8B

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\Windows\pss\Audible Download Manager.lnk.CommonStartup
MSCONFIG\startupreg: BlackBerryLink.exe => "C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe" /minimize
MSCONFIG\startupreg: FreePDF Assistant => "C:\Program Files (x86)\FreePDF_XP\fpassist.exe"
MSCONFIG\startupreg: HP LaserJet Professional CM1410 Series Fax => C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe "HP LaserJet Professional CM1410 Series Fax"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PDFPrint => D:\Programme\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Tim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: ToolboxFX => "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
MSCONFIG\startupreg: VC10Player => C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe
MSCONFIG\startupreg: YTDownloader => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot

========================= Accounts: ==========================

Administrator (S-1-5-21-3274256860-3384179074-2863741347-500 - Administrator - Disabled)
Chiara (S-1-5-21-3274256860-3384179074-2863741347-1003 - Limited - Enabled) => C:\Users\Chiara
Gast (S-1-5-21-3274256860-3384179074-2863741347-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3274256860-3384179074-2863741347-1002 - Limited - Enabled)
Tim (S-1-5-21-3274256860-3384179074-2863741347-1000 - Administrator - Enabled) => C:\Users\Tim

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/06/2014 02:18:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 09:30:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 03:59:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 02:32:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2014 03:52:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2014 03:09:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8221

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8221

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/02/2014 08:28:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7223


System errors:
=============
Error: (12/06/2014 02:20:19 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070420

Error: (12/06/2014 02:18:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater18.1.10" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/05/2014 09:32:32 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Multimediaklassenplaner" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (12/05/2014 09:32:32 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Benutzerprofildienst" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (12/05/2014 09:32:32 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (12/05/2014 09:31:31 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Server" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (12/05/2014 09:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/05/2014 09:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Designs" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/05/2014 09:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Shellhardwareerkennung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/05/2014 09:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benachrichtigungsdienst für Systemereignisse" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (12/06/2014 02:18:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 09:30:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 03:59:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 02:32:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2014 03:52:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2014 03:09:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8221

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8221

Error: (12/02/2014 08:28:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/02/2014 08:28:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7223


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 40%
Total physical RAM: 8104.29 MB
Available physical RAM: 4851.17 MB
Total Pagefile: 16206.77 MB
Available Pagefile: 12791.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (WIN7) (Fixed) (Total:745.21 GB) (Free:552.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:1103.63 GB) (Free:756.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: CB5BD2B2)
Partition 1: (Not Active) - (Size=14.2 GB) - (Type=1B)
Partition 2: (Active) - (Size=745.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1103.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Gibts aktuell noch die Meldungen beim Systemneustart ?

Downloade Dir bitte SecurityCheck und:

• Speichere es auf dem Desktop.
• Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
• Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.



ESET Online Scanner

• Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
• Lade und starte Eset Online Scanner
• Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
• Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
• Klicke auf Starten.
• Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
• Klicke am Ende des Suchlaufs auf Fertig stellen.
• Schließe das Fenster von ESET.
• Explorer öffnen.
• C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
• Logfile hier posten.
• Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
• Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

SecurityCheck gedownloadet und (auch als Admin) ausgeführt... Leider führt dies zu nichts. Es steht etwa eine Minute Preparing bis die Fehlermeldung kommt (s. Bilder in der Reihenfolge..) ESET kommt noch..

Hier die Log.txt von ESET:

Code: Alles auswählenAufklappen

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=49d5f2a23459a24d99ec197b95eeb1e3
# engine=21362
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-12-02 04:00:39
# local_time=2014-12-02 05:00:39 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='AVG AntiVirus Free Edition 2014'
# compatibility_mode=1051 16777213 100 100 193354 104670023 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 35298764 169165889 0 0
# scanned=108816
# found=6
# cleaned=0
# scan_time=3126
sh=D31E1FC635AF6E1618B9AD4F0EA0E2285D3799F6 ft=1 fh=56588c1e5d26248b vn="Variante von Win32/SBWatchman.D evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3274256860-3384179074-2863741347-1000\$RGA7OI4\converter.exe"
sh=ED4BD3B5F2795F20332F7004B759618AC94DF070 ft=1 fh=eeea69929ff9f3b1 vn="Variante von Win32/SBWatchman.D evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3274256860-3384179074-2863741347-1000\$RGA7OI4\DownloadAPI.dll"
sh=DBE5B31DAA3647D21865CEB8CF6E9E84AE00725D ft=1 fh=349ee6c0ebd44533 vn="Variante von Win32/SBWatchman.D evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3274256860-3384179074-2863741347-1000\$RGA7OI4\DownloadHelper.exe"
sh=F506DD86AD2A3846A6262297F583608A9D57CB52 ft=1 fh=312dd8fa0d2eeb2c vn="Variante von Win32/SBWatchman.D evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3274256860-3384179074-2863741347-1000\$RGA7OI4\YTDownloader.exe"
sh=24AD9B344F10A31E6B9B0F676D46798939F59267 ft=1 fh=9534ff8257ecc105 vn="Variante von Win32/SBWatchman.D evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\Common Files\System\SysMenu.dll"
sh=E1440A2ACAD3CF30B455B8DFD288A0B3C06415DF ft=1 fh=d2ddf9137355b4c4 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Tim\AppData\Local\Temp\awh6FC7.tmp"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=49d5f2a23459a24d99ec197b95eeb1e3
# engine=21365
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-12-02 06:32:01
# local_time=2014-12-02 07:32:01 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='AVG AntiVirus Free Edition 2014'
# compatibility_mode=1051 16777213 100 100 7996 104679105 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 7939 169174971 0 0
# scanned=304855
# found=2
# cleaned=2
# scan_time=7068
sh=24AD9B344F10A31E6B9B0F676D46798939F59267 ft=1 fh=9534ff8257ecc105 vn="Variante von Win32/SBWatchman.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files\Common Files\System\SysMenu.dll"
sh=E1440A2ACAD3CF30B455B8DFD288A0B3C06415DF ft=1 fh=d2ddf9137355b4c4 vn="Mehrere Bedrohungen (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Tim\AppData\Local\Temp\awh6FC7.tmp"
esets_scanner_update returned -1 esets_gle=1
         

Es wurde eine Bedrohung erkannt, soll diese nun in Quarantäne geschoben werden?

Zitat:

# utc_time=2014-12-02 06:32:01

Stimmt das Datum am Rechner nicht oder ist das nen altes log ?

Hmm
Um 6 Uhr morgens habe ich den Computer nicht mal angeschaltet gehabt.. Also im Explorer steht Änderungsdatum war der 10.12.2014... Nun sind in der Log Datei anscheinend zwei Scans?? Datum und Uhrzeit vom Computer ist auf jeden Fall korrekt.
Hier also nochmal die zwei Logs, welche allerdings in einer Datei sind... (log.txt)

Code: Alles auswählenAufklappen

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=49d5f2a23459a24d99ec197b95eeb1e3
# engine=21362
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-12-02 04:00:39
# local_time=2014-12-02 05:00:39 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='AVG AntiVirus Free Edition 2014'
# compatibility_mode=1051 16777213 100 100 193354 104670023 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 35298764 169165889 0 0
# scanned=108816
# found=6
# cleaned=0
# scan_time=3126
sh=D31E1FC635AF6E1618B9AD4F0EA0E2285D3799F6 ft=1 fh=56588c1e5d26248b vn="Variante von Win32/SBWatchman.D evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3274256860-3384179074-2863741347-1000\$RGA7OI4\converter.exe"
sh=ED4BD3B5F2795F20332F7004B759618AC94DF070 ft=1 fh=eeea69929ff9f3b1 vn="Variante von Win32/SBWatchman.D evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3274256860-3384179074-2863741347-1000\$RGA7OI4\DownloadAPI.dll"
sh=DBE5B31DAA3647D21865CEB8CF6E9E84AE00725D ft=1 fh=349ee6c0ebd44533 vn="Variante von Win32/SBWatchman.D evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3274256860-3384179074-2863741347-1000\$RGA7OI4\DownloadHelper.exe"
sh=F506DD86AD2A3846A6262297F583608A9D57CB52 ft=1 fh=312dd8fa0d2eeb2c vn="Variante von Win32/SBWatchman.D evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3274256860-3384179074-2863741347-1000\$RGA7OI4\YTDownloader.exe"
sh=24AD9B344F10A31E6B9B0F676D46798939F59267 ft=1 fh=9534ff8257ecc105 vn="Variante von Win32/SBWatchman.D evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\Common Files\System\SysMenu.dll"
sh=E1440A2ACAD3CF30B455B8DFD288A0B3C06415DF ft=1 fh=d2ddf9137355b4c4 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Tim\AppData\Local\Temp\awh6FC7.tmp"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=49d5f2a23459a24d99ec197b95eeb1e3
# engine=21365
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-12-02 06:32:01
# local_time=2014-12-02 07:32:01 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='AVG AntiVirus Free Edition 2014'
# compatibility_mode=1051 16777213 100 100 7996 104679105 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 7939 169174971 0 0
# scanned=304855
# found=2
# cleaned=2
# scan_time=7068
sh=24AD9B344F10A31E6B9B0F676D46798939F59267 ft=1 fh=9534ff8257ecc105 vn="Variante von Win32/SBWatchman.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files\Common Files\System\SysMenu.dll"
sh=E1440A2ACAD3CF30B455B8DFD288A0B3C06415DF ft=1 fh=d2ddf9137355b4c4 vn="Mehrere Bedrohungen (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Tim\AppData\Local\Temp\awh6FC7.tmp"
esets_scanner_update returned -1 esets_gle=1